aw-junaid/Black-Hat-Python

GitHub: aw-junaid/Black-Hat-Python

一套涵盖网络侦察、渗透测试与漏洞验证的进阶 Python 安全脚本工具集合。

Stars: 124 | Forks: 22

# Black-Hat-Python awjunaid ![GitHub contributors](https://img.shields.io/github/contributors/aw-junaid/Black-Hat-Python) ![GitHub followers](https://img.shields.io/github/followers/aw-junaid) ![YouTube Channel Subscribers](https://img.shields.io/youtube/channel/subscribers/UClhKVCHjOxBTNM50lOBTgoA) ![Discord](https://img.shields.io/discord/1163365511309049948) ![X (formerly Twitter) Follow](https://img.shields.io/twitter/follow/awjunaid_) ![GitHub commit activity](https://img.shields.io/github/commit-activity/t/aw-junaid/Black-Hat-Python) ![Website](https://img.shields.io/website?url=https%3A%2F%2Fawjunaid.com%2F) ![GitHub repo size](https://img.shields.io/github/repo-size/aw-junaid/Black-Hat-Python) # 联系我: youtube logo instagram logo twitch logo proton mail logo linkedin logo twitter logo discord logo # 来源 - [blackhat-python3](https://github.com/EONRaider/blackhat-python3) - [Mastering Python Scripting for System Administrators](https://github.com/PacktPublishing/Mastering-Python-Scripting-for-System-Administrators-) - [python-pentest-tools](https://github.com/dloss/python-pentest-tools/blob/master/README.md) # 目录 ## 🔴 1. 密码攻击与凭证攻击 - [密码哈希破解 (`hashlib` / hashcat 集成)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/Password%20Hash%20Cracking.md) - [LDAP 暴力破解](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/LDAP%20Brute%20Force.md) - [使用 Paramiko 进行 SSH 暴力破解](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/SSH%20Brute%20Force%20Tool.md) - [FTP 暴力破解](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/FTP%20Brute%20Force%20Tool.md) - [SMB 暴力破解 (`impacket`)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/SMB%20Brute%20Force%20Tool.md) ## 🌐 2. Python 网络 ### 基础网络客户端与服务器 - [TCP 客户端](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Client.md) - [UDP 客户端](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/UDP%20Client.md) - [TCP 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Server.md) - [用于远程代码执行的 Netcat 客户端和服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Netcat%20Client%20%26%20Server.md) - [TCP 代理](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Proxy.md) ### SSH 工具 - [使用 Paramiko 的 SSH](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/SSH%20with%20Paramiko.py) - [使用 paramiko 的基础 SSH 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Basic%20SSH%20server%20using%20the%20paramiko.md) - [SSH 反向隧道](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/SSH%20reverse%20tunneling.md) - [简单的 SSH 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/bhp_reverse_ssh_cmd.md) ### 数据包嗅探器与网络分析 - [使用原始套接字的数据包嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/packet%20sniffer%20using%20raw%20sockets.md) - [解码 Header 的数据包嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Packet%20Sniffer%20Decoding%20Header.md) - [解码 ICMP 的数据包嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Packet%20Sniffer%20Decoding%20ICMP.md) - [带有 ICMP 数据包分析的 Python 子网扫描器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Python%20Subnet%20Scanner%20with%20ICMP%20Packet%20Analysis.md) - [Python 电子邮件凭证嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Email%20Credential%20Sniffer%20in%20Python.md) ### 基于 Scapy 的攻击 - [使用 Scapy 进行 ARP 缓存投毒](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/ARP%20Cache%20Poisoning%20with%20Scapy.md) - [PCAP 图片提取器与人脸检测器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/PCAP%20Image%20Extractor%20%26%20Face%20Detector.md) ### 端口扫描与主机发现 - [检查远程主机上的开放和关闭端口](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Check%20Open%20and%20Closed%20Ports%20on%20a%20Remote%20Host.md) - [多线程 TCP 端口扫描](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Multithreaded%20TCP%20Port%20Scanning.md) - [扫描远程主机上的端口范围](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Scanning%20a%20Range%20of%20Ports%20on%20a%20Remote%20Host.md) - [测试与远程主机的 Socket 连接](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Test%20a%20Socket%20Connection%20to%20a%20Remote%20Host.md) - [从 IP 地址解析主机名](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Resolve%20Host%20Name%20from%20an%20IP%20Address.md) ### Scapy 高级用法 - 使用 Scapy 进行 TCP SYN 扫描 - 操作系统指纹识别 - 自定义协议构造 - 使用 Scapy 进行网络路由追踪 ## 🔥 3. 网络攻击 - DNS 欺骗 / DNS 投毒 - [DHCP 饥饿攻击](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/DHCP%20Starvation%20Attack.md) - [SYN 洪水 / DoS 脚本](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/SYN%20Flood.md) - [VLAN 跳跃](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/VLAN%20Hopping%20Tool.md) - [ICMP 隧道](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/ICMP%20Tunneling%20Network.md) - [SSL/TLS 剥离](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/TLS%20Stripping.md) - [802.11 Wi-Fi Deauth 攻击 (Scapy)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/802.11%20Wi-Fi.md) - [WPA 握手包抓取](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/WPA%20Handshake.md) ## 🕷️ 4. Web 应用程序黑客技术 ### Web 路径发现与爬取 - [Web 路径扫描器 (Joomla 站点爬虫)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Web%20Path%20Scanner%20(Joomla%20Site%20Crawler).md) - [目录与文件暴破工具](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Directory%20%26%20File%20Bruteforcer.md) ### 暴力破解攻击 - [HTTP 认证暴力破解扫描](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/brute-force%20HTTP%20authentication%20scan.md) - [多线程暴力破解登录脚本](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Multi-threaded%20Brute-Force%20Login%20Script.md) - [对 WordPress 登录页面的多线程暴力破解攻击](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/multi-threaded%20brute-force%20attack%20on%20a%20WordPress%20login%20page.md) ### Web 漏洞测试 - SQL 注入检测与利用 - XSS Payload 注入测试器 (反射型 / 存储型 / DOM) - CSRF Token 绕过 - XXE 注入测试器 - SSRF 检测脚本 - LFI / RFI 扫描器 - JWT Token 篡改 - CORS 配置错误扫描器 - GraphQL 枚举与 Fuzzing - Cookie 篡改 / 会话劫持 - HTTP 请求走私 - OAuth 攻击脚本 ### Web 抓取与侦察 - 用于侦察的 Web 抓取器 / 爬虫 (BeautifulSoup / Selenium) - REST API Fuzzer ## 🔧 5. Burp Suite 扩展与 Fuzzing ### Burp Fuzzing 工具 - [Burp Suite Intruder Payload 生成器 (Python 扩展)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Intruder%20Payload%20Generator%20(Python%20Extension).md) - [Burp Suite 扩展:BHP Wordlist (Bing 搜索集成)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Extension%3A%20BHP%20Wordlist%20(Bing%20Search%20Integration).md) - [Burp Suite 扩展:BHP Wordlist 生成器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Extension%3A%20BHP%20Wordlist%20Generator.md) ## 🎯 6. 侦察与 OSINT - [WHOIS 查询自动化](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Reconnaissance%20%26%20OSINT/WHOIS%20Lookup.md) - [DNS 枚举 (子域名)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Reconnaissance%20%26%20OSINT/DNS%20Enumeration.md) - [Google Dorking 自动化](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Reconnaissance%20%26%20OSINT/Google%20Dorking.md) - Shodan API 集成 - 电子邮件收集 (`theHarvester` 风格) - Banner 抓取 - SNMP 枚举 - SMB 枚举 (`impacket`) - NetBIOS / LLMNR 投毒 - 从图片/文档中提取 EXIF 元数据 - 用户名 / 社交媒体枚举 ## 🦠 7. 木马与恶意软件开发 ### 基于 GitHub 的命令与控制 - [基于 GitHub 的木马](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Github%20Command%20and%20Control/GitHub-based%20trojan.md) ### Windows 上的木马任务 - [键盘记录器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/keylogger.md) - [在 Windows 系统上捕获整个桌面的屏幕截图](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/captures%20a%20screenshot%20of%20the%20entire%20desktop%20on%20a%20Windows%20system.md) - [从 Web 服务器执行 shellcode](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/execute%20shellcode%20from%20a%20web%20server.md) - [沙箱检测](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Sandbox%20Detection.md) - [监控 Windows 系统上的进程](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Monitor%20processes%20on%20a%20Windows%20system.md) - [监控特定目录](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/monitor%20specific%20directories.md) - [代码注入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Code%20Injection.md) ## 🌐 8. 浏览器攻击 - [浏览器劫持与登录重定向](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Browser%20Hijacking%20and%20Login%20Redirect.md) - [用于捕获凭证的简单 HTTP 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Simple%20HTTP%20Server%20for%20Capturing%20Credentials.md) - [使用 Tumblr 进行文档窃取](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Document%20Exfiltration%20Using%20Tumblr.md) - [生成带有 2048 位密钥长度的新 RSA 密钥对](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/generates%20a%20new%20RSA%20key%20pair%20with%20a%202048-bit%20key%20length.md) - [解密并解压加密数据](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/decrypts%20and%20decompresses%20the%20encrypted%20data.md) ## 🚀 9. 后渗透与权限提升 ### Shell 与后门 - 反向 Shell 生成器 (TCP / HTTP / HTTPS) - 正向 Shell - Meterpreter 风格的 Python 后门 ### Windows 后渗透 - Windows 注册表操作 - Token 模拟 - 从内存中转储密码 - Pass-the-Hash 攻击 (`impacket`) - Mimikatz 集成 / 凭证转储 ### Linux 后渗透 - Linux SUID / GUID 枚举 - Cron 任务滥用检测 ### 持久化与数据窃取 - 通过启动脚本 / Cron / 注册表实现持久化 - 通过 DNS / ICMP / 隐蔽通道进行数据窃取 ## 🏰 10. 活动目录攻击 - Kerberoasting - Pass-the-Ticket - LDAP 枚举 (`ldap3`) - BloodHound 数据收集 (`BloodHound.py`) - SMB 共享枚举 (`SMBMap`) ## 🥷 11. 绕过与反取证 - Payload 混淆 - 进程镂空 - DLL 注入 - 日志清除 / 篡改 - 文件时间戳篡改 - 多态 Shellcode - Base64 / XOR Payload 编码 ## 🎮 12. C2 (命令与控制) - 基于 DNS 的 C2 通道 - HTTP / HTTPS C2 Beacon - Slack / Discord C2 - 使用 AES 加密的 C2 - 心跳 / 持久化机制 ## 🔍 13. 漏洞扫描与利用 ### 扫描与指纹识别 - CVE 扫描器 / 漏洞检查器 - 服务版本指纹识别 - Nmap Python 包装器 (`python-nmap`) ### 漏洞利用开发 - 漏洞利用开发 — 缓冲区溢出 - 格式化字符串漏洞测试器 - 自定义 Fuzzing 框架 (TCP / UDP / 文件 / API) - ROP 链生成 - 缓冲区溢出 Pattern 生成器 (类似 `pattern_create`) - Shellcode 编码器 / 解码器 - 坏字符查找器 ## 🔐 14. 密码学攻击 - Padding Oracle 攻击 - ECB 模式检测 - 频率分析 (经典密码) - 弱 TLS / SSL 检测 - S/MIME 与 PGP 密钥提取 - 密码哈希识别器 - AES / XOR 自定义加密与解密 ## 🎣 15. 钓鱼工具 - 钓鱼电子邮件生成器 - 克隆网站以收集凭证 - URL 混淆技术 ## 🔬 16. 取证与内存分析 - [使用 Volatility 3 从 Windows 内存转储中提取密码哈希](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/extract%20password%20hashes%20from%20a%20Windows%20memory%20dump%20using%20Volatility%203.md) - [将执行重定向到注入的 shellcode](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/redirect%20execution%20to%20the%20injected%20shellcode.md) - [Immunity Debugger](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/Immunity%20Debugger.md) ## ☁️ 17. 容器与云安全 - Docker 逃逸技术 - AWS / Azure / GCP 配置错误扫描器 - S3 存储桶枚举 ## ⚙️ 18. 自动化管理任务 ### 输入与输出处理 - [从文件接受输入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/accept_by_input_file.md) - [从管道接受输入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/accept_by_pipe.md) - [捕获并处理命令输出](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/capture_output.md) - [重定向输入/输出流](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Redirect%20input-output%20streams.md) ### 系统命令与执行 - [执行外部系统命令](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/execute_external_commands.md) - [运行脚本而不提示用户](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/no_prompt.md) - [运行脚本并提示用户](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Run%20scripts%20with%20user%20prompts.md) ### 文件与目录操作 - [列出目录内容](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/list_dir.md) - [使用 `os` 模块进行目录操作的示例](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/os_dir_example.md) - [创建文件或目录的备份](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Create%20backups%20of%20files%20or%20directories.md) ### 配置管理 - [读取和解析配置文件](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/read_config_file.md) - [读取和处理多个配置文件](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/read_many_config_file.md) ### 安全与认证 - [安全处理密码输入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/handling_password.md) - [使用 `getpass` 进行安全密码输入的示例](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/getpass_example.md) - [重新提示输入密码](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/password_prompt_again.md) ### 日志与监控 - [生成并处理警告消息](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/generate_warnings.md) - [使用 Python logging 模块的示例](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/logging_example.md) - [记录警告和错误代码](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/logging_warnings_codes.md) ### 资源管理 - [为进程设置 CPU 使用限制](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/put_cpu_limit.md) ### Web 操作 - [打开网页或 URL](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/open_web.md) # 📚 资源 ## 书籍 - [Violent Python](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6) - [Grey Hat Python](http://www.nostarch.com/ghpython.htm) - [Black Hat Python](http://www.nostarch.com/blackhatpython) - [Python 渗透测试 essentials](https://github.com/PacktPublishing/Python-Penetration-Testing-Essentials-Second-Edition) - [Python 特工指南](https://www.packtpub.com/en-us/product/python-for-secret-agents-volume-ii-9781785283406) - [Python Web 渗透测试 Cookbook](https://www.packtpub.com/en-us/product/python-web-penetration-testing-cookbook-9781784399900) - [学习使用 Python 进行渗透测试](https://www.packtpub.com/en-us/product/learning-penetration-testing-with-python-9781785289552) - [Python 取证](http://www.sciencedirect.com/science/book/9780124186767) - [IDAPython 初学者指南](https://leanpub.com/IDAPython-Book) [Python 进攻性渗透测试:使用 Python 进行道德黑客和渗透测试的实用指南](https://www.amazon.com/Python-Offensive-PenTest-practical-penetration/dp/1788838971) # 🛠️ 用于渗透测试的 Python 工具 ## 🌐 网络工具 ### 核心网络库 - [Scapy](https://scapy.net):发送、嗅探、解剖和伪造网络数据包 - [Impacket](http://oss.coresecurity.com/projects/impacket.html):构造和解码网络数据包,支持 NMB 和 SMB - [dpkt](https://github.com/kbandla/dpkt):快速、简单的数据包创建/解析,包含 TCP/IP 协议定义 - [pypcap](https://github.com/dugsong/pypcap)、[Pcapy](https://github.com/helpsystems/pcapy)、[Pcapy-NG](https://github.com/stamparm/pcapy-ng)、[libpcap](https://pypi.org/project/libpcap/):libpcap 的 Python 绑定 - [libdnet](https://github.com/ofalk/libdnet/):底层网络例程 ### 网络侦察与枚举 - [SMBMap](https://github.com/ShawnDEvans/smbmap):枚举整个域中的 Samba 共享驱动器 - [AutoRecon](https://github.com/Tib3rius/AutoRecon):多线程网络侦察工具 - [Habu](https://github.com/portantier/habu):Python 网络黑客工具包 - [Knock Subdomain Scan](https://github.com/guelfoweb/knock):通过字典进行子域枚举 - [SubBrute](https://github.com/TheRook/subbrute):快速子域枚举工具 - [Spoodle](https://github.com/vjex/spoodle):批量子域 + poodle 漏洞扫描器 ### 网络攻击与 MITM - [Mitm6](https://github.com/fox-it/mitm6):基于 IPv6 的中间人攻击 (MITM) 工具 - [Mallory](https://github.com/intrepidusgroup/mallory):可扩展的 TCP/UDP 中间人代理 - [Pytbull-NG](https://github.com/netrunn3r/pytbull-ng/):灵活的 IDS/IPS 测试框架 ## 🔍 调试与逆向工程 ### 反汇编器与反编译器 - [Capstone](http://www.capstone-engine.org/):轻量级的多平台反汇编框架 - [Keystone](http://www.keystone-engine.org):轻量级的多平台汇编框架 - [diStorm](https://github.com/gdabah/distorm):针对 AMD64 的反汇编器库 - [pydasm](https://github.com/jtpereyda/libdasm/tree/master/pydasm):libdasm x86 反汇编库的 Python 接口 ### 动态分析与插桩 - [Frida](http://www.frida.re/):动态插桩框架 - [Unicorn Engine](https://www.unicorn-engine.org/):CPU 模拟器框架 - [PyEMU](https://github.com/codypierce/pyemu/):完全可脚本化的 IA-32 模拟器 ### 特定平台工具 - [Androguard](https://github.com/androguard/androguard):Android 应用程序的逆向工程与分析 - [IDAPython](https://github.com/idapython/src):IDA Pro Python 集成插件 - [Ghidrathon](https://github.com/mandiant/Ghidrathon):适用于 Ghidra 的 Python 3 脚本扩展 - [CHIPSEC](https://github.com/chipsec/chipsec):平台安全分析框架 ### 调试框架 - [Paimei](https://github.com/OpenRCE/paimei):包含 PyDBG、PIDA、pGRAPH 的逆向工程框架 - [python-ptrace](http://python-ptrace.readthedocs.org/):使用 ptrace 的调试器 - [PyDbgEng](http://pydbgeng.sourceforge.net/):Microsoft Windows 调试引擎的 Python 封装 ### 二进制分析 - [pefile](https://github.com/erocarrera/pefile):读取和使用可移植执行文件 (PE) - [PyBFD](https://github.com/Groundworkstech/pybfd/):GNU 二进制文件描述符 (BFD) 库的 Python 接口 ## 🎲 Fuzzing 工具 - [afl-python](http://jwilk.net/software/python-afl):为纯 Python 代码提供 American fuzzy lop 支持 - [Sulley](https://github.com/OpenRCE/sulley):Fuzzer 开发与 Fuzzing 测试框架 - [Peach Fuzzing Platform](https://github.com/MozillaSecurity/peach/):可扩展的 Fuzzing 框架 - [untidy](https://github.com/kbandla/python-untidy/):通用目的 XML Fuzzer - [Powerfuzzer](http://www.powerfuzzer.com/):高度自动化的 Web Fuzzer - [Construct](http://construct.readthedocs.org/):用于解析和构建数据结构的库 - [Fusil](http://fusil.readthedocs.org/):用于编写 Fuzzing 程序的 Python 库 ## 🌐 Web 应用程序测试 ### HTTP 客户端与测试 - [XSStrike](https://github.com/s0md3v/XSStrike):先进的 XSS 检测套件 - [Requests](https://requests.readthedocs.io/):优雅且简单的 HTTP 库 - [lxml](http://lxml.de/index.html):易于使用的处理 XML 和 HTML 的库 - [HTTPie](http://httpie.org):人性化、类似 cURL 的命令行 HTTP 客户端 - [Twill](https://twill-tools.github.io/twill/):支持自动化测试的命令行网页浏览工具 ### Web 测试与自动化 - [FunkLoad](https://github.com/nuxeo/FunkLoad):功能和负载 Web 测试器 - [spynner](https://github.com/makinacorpus/spynner):支持 Javascript/AJAX 的可编程 Web 浏览器 - [mitmproxy](http://mitmproxy.org/):支持 SSL 的拦截 HTTP 代理 - [spidy](https://github.com/rivermont/spidy/):简单的命令行 Web 爬虫 - [Waymap](https://github.com/TrixSec/waymap):专为渗透测试人员设计的 Web 漏洞扫描器 ## 🔬 取证与内存分析 - [Volatility](http://www.volatilityfoundation.org/):从易失性内存 (RAM) 中提取数字痕迹 - [Rekall](https://github.com/google/rekall):由 Google 开发的内存分析框架 - [TrIDLib](http://mark0.net/code-tridlib-e.html):通过二进制签名识别文件类型 ## 🦠 恶意软件分析 - [pyew](https://github.com/joxeankoret/pyew):用于恶意软件分析的十六进制编辑器和反汇编器 - [Exefilter](https://github.com/decalage2/exefilter):过滤文件格式并检测/移除活动内容 - [jsunpack-n](https://github.com/urule99/jsunpack-n):通用 JavaScript 解包器 - [yara-python](https://github.com/VirusTotal/yara-python):识别和分类恶意软件样本 - [phoneyc](https://github.com/honeynet/phoneyc):纯 Python 的蜜罐客户端实现 - [CapTipper](https://github.com/omriher/CapTipper):分析来自 PCAP 文件的 HTTP 恶意流量 - [Cuckoo](https://github.com/cuckoosandbox/cuckoo):自动化恶意软件分析系统 - [CAPE](https://github.com/kevoreilly/CAPEv2):恶意软件配置和 Payload 提取 ## 📄 PDF 分析 - [pdfminer.six](https://github.com/pdfminer/pdfminer.six):从 PDF 文件中提取文本 - [peepdf-3](https://github.com/digitalsleuth/peepdf-3):分析和探索 PDF 文件中的恶意内容 - [Didier Stevens 的 PDF 工具](http://blog.didierstevens.com/programs/pdf-tools):分析、识别和创建 PDF 文件 - [pyPDF](https://pypdf.readthedocs.io/):纯 Python 的 PDF 工具包 ## 🔐 安全分析与评估 ### 二进制与漏洞分析 - [Angr](https://github.com/angr/angr):用于漏洞研究和漏洞利用开发的二进制分析框架 - [ScoutSuite](https://github.com/nccgroup/ScoutSuite):多云安全审计工具 ### 活动目录与 Windows - [Certipy](https://github.com/ly4k/Certipy):活动目录证书服务枚举与滥用 - [BloodHound.py](https://github.com/fox-it/BloodHound.py):基于 Python 的 BloodHound 收集器,用于 AD 安全评估 - [wmiexec.py](https://github.com/CoreSecurity/impacket/blob/master/examples/wmiexec.py):通过 WMI 执行 Powershell 命令 ### 通用安全工具 - [Pentestly](https://github.com/praetorian-inc/pentestly):Python 和 Powershell 渗透测试框架 - [hacklib](https://github.com/leonli96/python-hacklib):面向黑客爱好者的工具包 ### OSINT 与情报 - [Exomind](https://github.com/jio-gl/exomind):用于构建装饰图和 OSINT 模块的框架 ## 🛠️ 实用库 ### 交互与可视化 - [Project Jupyter](https://jupyter.org):增强的交互式 shell - [matplotlib](https://matplotlib.org):二维数组绘图 - [Mayavi](http://code.enthought.com/projects/mayavi/):三维科学数据可视化 - [RTGraph3D](http://www.secdev.org/projects/rtgraph3d/):动态 3D 图形 ### 数据处理与分析 - [Beautiful Soup](http://www.crummy.com/software/BeautifulSoup/):专为屏幕抓取而优化的 HTML 解析器 - [Pandas](http://pandas.pydata.org/):高性能的数据结构和分析工具 - [NetworkX](https://networkx.org):用于边和节点的图库 - [Whoosh](https://github.com/whoosh-community/whoosh):全文索引和搜索库 ### 网络与通信 - [Twisted](http://twistedmatrix.com/):事件驱动的网络引擎 - [Suds](https://github.com/suds-community/suds):轻量级 SOAP 客户端 ### 解析与处理 - [simplejson](https://github.com/simplejson/simplejson/):JSON 编码器/解码器 - [pyparsing](https://pypi.org/project/pyparsing/):通用解析模块 - [lxml](http://lxml.de/):功能丰富的 XML 和 HTML 库 - [Hachoir](https://hachoir.readthedocs.io/en/latest/):逐字段查看和编辑二进制流 ### 自动化与控制 - [Pexpect](https://github.com/pexpect/pexpect):控制和自动化其他程序 - [SikuliX](https://sikulix.github.io/docs/scripts/python/):用于搜索和自动化 GUI 的视觉技术 - [PyQt](http://www.riverbankcomputing.co.uk/software/pyqt) 和 [PySide](http://www.pyside.org/):Qt 框架的 Python 绑定 ### 字典与密码工具 - [PyMangle](http://code.google.com/p/pymangle/) / [py-mangle](http://code.google.com/p/pymangle/):为渗透测试创建字典列表
标签:Python, Splunk, 安全脚本, 无后门, 用户模式钩子绕过, 网络安全, 逆向工具, 隐私保护