Yellow - Code and CLI
You do not need to know how to code to be good at security. So many of those new to the industry are daunted at the prospect of learning how to code and it prevents them from taking the plunge into cyber. Does it help? Absolutely! But it is not necessary. There is a level of basic coding knowledge that is totally acceptable.
Think of it like learning the basics of a foreign language. Does everyone need 4-5 years to become completely fluent in Spanish before ordering food at your favorite taco joint? No! But understanding some of the more common terms and how to recognize the language when its used, goes a long way. The same is for code.
To help with this basic understanding, there have been many platforms, tools, and projects created around making understanding code, easier. As a security analyst, most are not expected to be able to write Javascript or in-depth powershell commands. But should you be able to recognize them and and be able to understand a bit of their function? Absolutely! And there are tools that can make that easier.

  • Operator Handbook: Windows_Commands - pg. 328

  • ​ - An amazing repository of command strings accomplishing different tasks. Simply search the task and see what commands have worked for others.
  • ​ - Write down a command-line to see the help text that matches each argument
  • ​ - Command Line cheatsheet tool

Shellcode - For those of the offensive persuation

  • ​Snyk - CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies. It is one of the biggest support tools in DevSecOps. It even has its own convention.​
  • ​WhiteSource Bolt for GitHub - WhiteSource Bolt for GitHub is a FREE app, which continuously scans all your repos, detects vulnerabilities in open source components and provides fixes.
  • ​Brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications
  • ​Cppcheck - A tool for static C/C++ code analysis
  • ​FindBugs - Find Bugs in Java Programs
  • ​Sobelow - Security-focused static analysis for the Phoenix Framework
  • ​bandit - Bandit is a tool designed to find common security issues in Python code.
  • ​Package Hunter - Scan dependencies for potentially malicious code
  • ​semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  • ​GGShield - Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
  • ​puma-scan - Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code.
  • ​ - Examples of insecure programming. For learning
  • ​ - Bandit is a tool designed to find common security issues in Python code.

  • ​NRE Labs - learn automation by doing it. Right now, right here, in your browser.

  • ​Hashcalc - A fast and easy-to-use calculator that allows to compute message digests, checksums and HMACs for files, as well as for text and hex strings. It offers a choice of 13 of the most popular hash and checksum algorithms for calculations.
  • ​Md5 Decrypt & Encrypt - More than hashes - Handy tool for hash lookups. Can save some time over brute forcing.

  • ​ - Browser-based Online and Offline Hex Editing
  • ​Hexinator - Powerful free hex editor
  • ​Frhed - Free Hex Editor
  • ​shed - shed (Simple Hex Editor) is an easy application for viewing and editing files in text mode, using ncurses.
  • ​Bless - Gtk# Hex Editor

  • ​edb-debugger - edb is a graphical cross platform x86/x86-64 debugger.
  • ​ollydbg - OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.
  • ​httopenocd - OpenOCD aims to provide debugging, in-system programming and boundary-scan testing for embedded target devices.
  • ​gdb - GBD/PEDA - GDB is a command line debugger for Linux that is essential for exploiting Linux binaries. Python Exploit Development Assistant (or PEDA) is an open-source extension to GDB that makes it easier to use.
    • Pattern - When looking for buffer overflows, one of the key components is identifying at which point the return pointer is overwritten. To help identify this location, PEDA can generate patterns that can be used as input, and then used to identify the location of the string.
    • Ropsearsch - Ropsearch will look for return-oriented programming (ROP) gadgets in memory that can be used for exploits that use ROP techniques.
    • Searchmem|find - β€˜Searchmem’ and β€˜find’ can be used to look for structure in memory. A typical case would be using it to look for strings like β€˜sh’ that can be used in ret2libc payloads.
    • Skeleton - This will generate a Python skeleton program that can be used to create an exploit script.
    • Vmmap - Vmmap will show a table that lists all the memory regions of the binary. It will also include what read, write or execute permissions are set on each section. β—‡​
    • Install PEDA
# git clone ~/peda
# echo "source ~/peda/" >> ~/.gdbinit

  • ​Ciphey - Fully automated decryption/decoding/cracking tool using natural language processing & artificial intelligence, along with some common sense.
  • ​Replit - Collaborative, in-browser IDE to code in 50+ languages.
  • ​bytecode-viewer - an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, and much more.
Copy link
On this page
Secure Coding
Command Shells
WIndows CLI
CLI Assistance Tools
Code Reference Tools
Code libraries and collections
Decoding Tools
Javascript Decoders
Code Vulnerability Scanning
Misc Tools
Hex Editors
Honorable Mention