networking

tools

general

  • bing-ip2hosts - enumerate hostnames from bing
  • crackmapexec - a swiss army knife for pentesting networks
  • datasploit - osint framework to perform various recon techniques
  • dnsenum - perl script that enumerates dns information
  • dnsmap - subdomain brute-forcing
  • dnsrecon - dns enumeration script
  • dork-cli - command-line google dork tool
  • dorks - google hack database automation tool
  • faraday - collaborative penetration test and vulnerability management platform
  • fierce - dns analysis perl script
  • foca - fingerprinting organizations with collected archives
  • hping - network tool able to send custom tcp/ip packets
  • image-match - quickly search over billions of images
  • knock - subdomain scan
  • masscan - fast tcp port scanner
  • metagoofil - document and metadata reconnaissance (updated version)
  • onioff - an onion url inspector for inspecting deep web links
  • osint-spy - performs osint scans on an email/domain/ip address/organization
  • packetwhisper - stealthily exfiltrate data and defeat attribution using dns queries and text-based steganography. avoid the problems associated with typical dns exfiltration methods. transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. no need to control a dns name server.
  • pagodo - automate google hacking database scraping
  • simplyemail - email recon made fast and easy
  • sniff-paste - pastebin osint harvester
  • surfraw - a fast unix command line interface to a variety of popular www search engines
  • tekdefense-automater - ip, url and md5 osint analysis
  • theharvester - e-mails, subdomains and names harvester - osint
  • whatweb - web scanner
  • xray - a tool for recon, mapping and osint gathering from public networks
  • zmap - fast single packet network scanner

https://wigle.net/ - map of networks

netcat

sniffer/spoofing

  • bettercap - the swiss army knife for 802.11, ble and ethernet networks reconnaissance and mitm attacks
  • macchanger - utility that makes the manipulation of mac addresses of network interfaces easier
  • mitmproxy - free and open source interactive https proxy
  • mkcert - make locally trusted development certificates with any names you'd like
  • sslstrip - ssl/tls man-in-the-middle attack tool
  • wireshark - the world's foremost and widely-used network protocol analyzer

usb

wireless attacks

  • aircrack-ng - a complete suite of tools to assess wifi network security
  • airgeddon - multi-use bash script for linux systems to audit wireless networks
  • bluelog - a highly configurable linux bluetooth scanner
  • boopsuite - a suite of tools written in python for wireless auditing
  • bully - implementation of the wps brute force attack, written in c
  • fluxion - a remake of linset by vk496 with fewer bugs and enhanced functionality
  • infernal-twin - an automated wireless hacking tool
  • kismet - an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system
  • krackattacks-scripts - wpa2 krack attack scripts
  • krack detector - detect and prevent krack attacks in your network
  • pixiewps - an offline wi-fi protected setup brute-force utility
  • routersploit - exploitation framework for embedded devices
  • wifi-arsenal - resources for wifi pentesting
  • wifiphisher - the rogue access point framework
  • wifi-pumpkin - framework for rogue wi-fi access point attack