# Tools & Scripts

## Distribuciones & VMs

* Kali Linux - <https://www.kali.org/get-kali/>
* Parrot OS - <https://www.parrotsec.org/download/>
* BlackArch - <https://blackarch.org/index.html>
* Tails - <https://tails.boum.org/install/index.en.html>
* Whonix - <https://www.whonix.org/wiki/Download>
* Qubes - <https://www.qubes-os.org/>
* Kodachi - <https://distrowatch.com/table.php?distribution=kodachi>
* TraceLabs - <https://www.tracelabs.org/initiatives/osint-vm>

## Detalle de herramientas

[BloodHound](https://wiki.securiters.com/securiters-wiki/_tools/bloodhound)

[Burp Suite](https://wiki.securiters.com/securiters-wiki/burpsuite#burp-suite)

[Frida](https://wiki.securiters.com/securiters-wiki/_tools/analisisdinamicoios)

[Wireshark](https://wiki.securiters.com/securiters-wiki/_tools/wireshark)

## Más herramientas

### Web

#### ZAP Proxy

Proxy gratuito desarrollado por OWASP

{% hint style="info" %}
Recurso:

<https://www.zaproxy.org/>
{% endhint %}

### Móviles

#### 1. MARA Framework

Repositorio - <https://github.com/xtiankisutsa/MARA\\_Framework>

Instalar:

```
git clone --recursive https://github.com/xtiankisutsa/MARA_Framework
cd MARA-Framework
./setup.sh
```

Analizar el apk:

```
 ./mara.sh -s appName.apk
```

El resultado del análisis se encuentra en /MARA\_Framework/data/

Es necesario analizar los ficheros para descartar falsos positivos

#### 2. MobSF

Repositorio - <https://github.com/MobSF/Mobile-Security-Framework-MobSF>

Instalar:

```
git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
cd Mobile-Security-Framework-MobSF
./setup.sh
```

Ejecutar:

```
./run.sh 127.0.0.1:8000
```

### Codificación & Cifrado

* [Name-that-hash](https://github.com/HashPals/Name-That-Hash)

### Navegadores que priorizan la seguridad

* <https://librewolf.net/>

## Otras herramientas

* <https://github.com/netblue30/firejail>