A Massive List Of Penetration Testing Hacking Tools For Hackers Security Professionals Brief Overview Cybers Guards


Online Resources

Penetration Testing Resources

Metasploit Unleashed – Free Offensive Security Metasploit course. InfoSec Institute – Boot camps for IT and security. Penetration Testing Framework (PTF) – A general framework for performing penetration tests that can be used by vulnerability analysts and penetration testers alike. Penetration Testing Execution Standard (PTES) – Documentation project to provide a common language and scope for performing and reporting the results of a penetration test. PENTEST-WIKI – Free online security knowledge library for researchers and pentesters. Open Web Application Security Project (OWASP) – Worldwide non-profit organization focused on improving the security of web-based and application-layer software in particular. MITRE's Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) – Curated knowledge base and model for cyber adversary behavior. XSS-Payloads – Ultimate resource for all things cross-site, including payloads, tools, games and documentation.

Exploit Development

Shellcode Tutorial – Tutorial on how to write shellcode. Shellcode Examples – Shellcodes database. Exploit Writing Tutorials – Tutorials on how to develop exploits.

OSINT Resources

Intel Techniques – Collection of OSINT tools. OSINT Framework – Collection of various OSINT tools divided into categories. WiGLE.net – Information about wireless networks worldwide, with user-friendly desktop and web applications. NetBootcamp OSINT Tools – Collection of OSINT links and custom web interfaces to other services. CertGraph – Crawls a domain's SSL/TLS certificates for its certificate alternative names. To navigate the categories, you can use the menu on the left.

Social Engineering Resources

Social Engineering Framework – Information resource for social engineers.

Lock Picking Resources

Schuyler Towne channel – Lockpicking videos and security talks. /r/lockpicking – Resources for learning lockpicking, equipment recommendations. bosnianbill – More lockpicking videos.

Operating Systems

Qubes OS – High-security operating system for strict isolation of applications. Tails – Live OS aimed at preserving privacy and anonymity. SIFT – Forensic workstation made by SANS. Security @ Distrowatch – Website dedicated to the discussion, review and updating of open source operating systems. Security related Operating Systems @ Rawsec – Complete list of security related operating systems. Digital Evidence & Forensics Toolkit (DEFT) – Live CD for forensic analysis that can be run without tampering with or corrupting connected devices during the boot process. cuckoo – Open source automated malware analysis system.

Tools

Penetration Testing Distributions

PentestBox – Open source pre-configured portable penetration testing environment for Windows OS. ArchStrike – Arch GNU/Linux repository for security professionals and enthusiasts. Parrot – Kali-like distribution, with multiple architectures. Kali – GNU/Linux distribution for forensics and penetration testing. BackBox – Ubuntu-based distribution for penetration tests and security assessments. BlackArch – Arch GNU/Linux-based distribution for penetration testers and security researchers. The Pentesters Framework – Distro organized around the Penetration Testing Execution Standard (PTES) to provide a curated collection of tools that eliminates often unused toolchains. AttifyOS – GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments. Android Tamer – OS for Android security professionals; includes all the tools required for Android security testing. Buscador – GNU/Linux virtual machine that is pre-configured for online investigators. Network Security Toolkit (NST) – Fedora-based bootable live operating system designed to provide easy access to best-of-breed open source network security applications.

Docker for Penetration Testing

docker pull opendns/security-ninjas – Security Ninjas. docker pull ismisepaul/securityshepherd – OWASP Security Shepherd. docker pull phocean/msf – docker-metasploit. docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock. docker-compose build && docker-compose up – OWASP NodeGoat. docker pull vulnerables/cve-2017-7494 – Vulnerability as a service: SambaCry. docker pull webgoat/webgoat-8.0 – OWASP WebGoat Project 8.0 docker image. docker pull kalilinux/kali-linux-docker – Official Kali Linux. docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application. docker pull diogomonica/docker-bench-security – Docker Bench for Security. docker pull webgoat/webgoat-7.1 – OWASP WebGoat Project 7.1 docker image. docker pull bkimminich/juice-shop – OWASP Juice Shop. docker pull wpscanteam/wpscan – Official WPScan. docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA). docker pull owasp/zap2docker-stable – Official OWASP ZAP. docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed. docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation.

Multi-paradigm Frameworks

Pupy – Cross-platform remote administration and post-exploitation tool (Windows, Linux, macOS, Android). Faraday – Integrated multiuser pentesting environment for red teams performing cooperative penetration tests, security audits and risk assessments. Decker – Penetration testing orchestration and automation framework that allows writing declarative, reusable configurations capable of ingesting variables and using the outputs of tools as inputs to others. AutoSploit – Automated mass exploiter, which collects targets using the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query. Armitage – Java-based GUI front-end for the Metasploit Framework. Metasploit – Software for offensive security teams to help verify vulnerabilities and manage security assessments. ExploitPack – Graphical tool for automating penetration tests that ships with many pre-packaged exploits.

Network Vulnerability Scanners

Nexpose – Commercial vulnerability and risk assessment engine that integrates with Rapid7's Metasploit. Netsparker Application Security Scanner – Application security scanner to automatically find security flaws. OpenVAS – Free software implementation of the popular Nessus vulnerability assessment system. Vuls – Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go. Nessus – Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.

Static Analyzers

FindBugs – Free software static analyzer to look for bugs in Java code. RegEx-DoS – Analyzes source code for Regular Expressions susceptible to Denial of Service attacks. Brakeman – Static analysis security vulnerability scanner for Ruby on Rails applications. cppcheck – Extensible C/C++ static analyzer focused on finding bugs. Progpilot – Static security analysis tool for PHP code. sobelow – Security-focused static analysis for the Phoenix Framework. bandit – Security-oriented static analyzer for Python code.

Web Vulnerability Scanners

Nikto – Noisy but fast black box web server and web application vulnerability scanner. Wapiti – Black box web application vulnerability scanner with built-in fuzzer. Arachni – Scriptable framework for evaluating the security of web applications. cms-explorer – Reveals the specific modules, plugins, components and themes run by various websites powered by content management systems. Netsparker Application Security Scanner – Application security scanner to automatically find security flaws. JCS – Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm. WPScan – Black box WordPress vulnerability scanner. SecApps – In-browser web application security testing suite. ACSTIS – Automated client-side template injection (sandbox escape/bypass) detection for AngularJS. SQLmate – A friend of sqlmap that identifies sqli vulnerabilities based on a given dork and website (optional). WebReaver – Commercial, graphical web application vulnerability scanner designed for macOS. joomscan – Joomla vulnerability scanner. w3af – Web application attack and audit framework.

Network Tools

Printer Exploitation Toolkit (PRET) – Printer security testing tool capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL and PCL printer language features. SPARTA – Graphical interface offering scriptable, configurable access to existing scanning and enumeration tools for network infrastructure. pig – GNU/Linux packet crafting tool. Intercepter-NG – Multifunctional network toolkit. IKEForce – Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities. dnstwist – Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. impacket – Collection of Python classes for working with network protocols. rshijack – TCP connection hijacker, Rust rewrite of shijack. Zarp – Network attack tool centered around the exploitation of local networks. THC Hydra – Online password cracking tool with built-in support for HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC and more. routersploit – Open source exploitation framework similar to Metasploit but dedicated to embedded devices. hping3 – Network tool able to send custom TCP/IP packets. scapy – Python-based interactive packet manipulation program & library. Network-Tools.com – Website that provides an interface to many basic network utilities such as ping, traceroute, whois and more. Praeda – Automated multi-function printer data harvester for gathering usable data during security assessments. dsniff – Collection of tools for network auditing and pentesting. CrackMapExec – Swiss army knife for pentesting networks.

Exfiltration Tools

DET – Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time. pwnat – Punches holes in firewalls and NATs. tgcd – Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls. Iodine – Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed.

Network Reconnaissance Tools

smbmap – Handy SMB enumeration tool. dnstracer – Determines where a given DNS server gets its information from, and follows the chain of DNS servers. nmap – Free security scanner for network exploration & security audits. dnsrecon – DNS enumeration script. ACLight – Script for advanced discovery of sensitive Privileged Accounts – includes Shadow Admins. dnsmap – Passive DNS network mapper. scanless – Utility for using websites to perform port scans on your behalf so as not to reveal your own IP. CloudFail – Unmask the IP addresses of servers hidden behind Cloudflare by searching old database records and detecting misconfigured DNS. zmap – Open source network scanner that enables researchers to easily perform Internet-wide network studies. passivedns-client – Library and query tool for querying several passive DNS providers. fierce – Python3 port of the original fierce.pl DNS reconnaissance tool for locating non-contiguous IP space. dnsenum – Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack and then performs reverse look-ups on the results. passivedns – Network sniffer that logs all DNS server replies for use in a passive DNS setup. Mass Scan – TCP port scanner, spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes. DNSDumpster – Online DNS recon and search service. ScanCannon – Python script to quickly enumerate large networks by calling masscan to quickly identify open ports and then nmap to gain details on the systems/services on those ports. XRay – Network (sub)domain discovery and reconnaissance automation tool.

Protocol Analyzers and Sniffers

Debookee – Simple and powerful network traffic analyzer for macOS. sniffglue – Secure multithreaded packet sniffer. Netzob – Reverse engineering, traffic generation and fuzzing of communication protocols. tcpdump/libpcap – Common packet analyzer that runs under the command line. Dripcap – Caffeinated packet analyzer. Wireshark – Widely-used graphical, cross-platform network protocol analyzer. Dshell – Network forensic analysis framework. netsniff-ng – Swiss army knife for network sniffing.

Proxies and MITM Tools

Ettercap – Comprehensive, mature suite for machine-in-the-middle attacks. MITMf – Framework for Man-In-The-Middle attacks. evilgrade – Modular framework to take advantage of poor upgrade implementations by injecting fake updates. BetterCAP – Modular, portable and easily extensible MITM framework. mitmproxy – Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. mallory – HTTP/HTTPS proxy over SSH. Morpheus – Automated ettercap TCP/IP hijacking tool. SSH MITM – Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk. dnschef – Highly configurable DNS proxy for pentesters.

Wireless Network Tools

Aircrack-ng – Set of tools for auditing wireless networks. Airgeddon – Multi-use bash script for Linux systems to audit wireless networks. Cowpatty – Brute-force dictionary attack against WPA-PSK. Kismet – Wireless network detector, sniffer, and IDS. krackattacks-scripts – WPA2 Krack attack scripts. Fluxion – Suite of automated social engineering based WPA attacks. Bully – Implementation of the WPS brute force attack, written in C. infernal-twin – Automated wireless hacking tool. WiFi-Pumpkin – Framework for rogue Wi-Fi access point attack. Wifite – Automated wireless attack tool. Reaver – Brute force attack against WiFi Protected Setup. KRACK Detector – Detect and prevent KRACK attacks in your network. BoopSuite – Suite of tools written in Python for wireless auditing. WiFi-arsenal – Resources for Wi-Fi Pentesting.

Transport Layer Security Tools

WordPress Exploit Framework – Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. Kadimus – LFI scan and exploit tool. SSLyze – Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations. WhatWeb – Website fingerprinter. Offensive Web Testing Framework (OWTF) – Python-based framework for pentesting web applications based on the OWASP Testing Guide. Burp Suite – Integrated platform for performing security testing of web applications. EyeWitness – Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible. sslstrip2 – SSLStrip version to defeat HSTS. tplmap – Automatic server-side template injection and web server takeover tool. Wappalyzer – Wappalyzer uncovers the technologies used on websites. wafw00f – Identifies and fingerprints Web Application Firewall (WAF) products. WPSploit – Exploit WordPress-powered websites with Metasploit. tls_prober – Fingerprint a server's SSL/TLS implementation. Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools. recursebuster – Content discovery tool to perform directory and file bruteforcing. NoSQLmap – Automatic NoSQL injection and database takeover tool. Kadabra – Automatic LFI exploiter and scanner. Browser Exploitation Framework (BeEF) – Command and control server for delivering exploits to commandeered web browsers. GitTools – Automatically find and download web-accessible .git repositories. Raccoon – High performance offensive security tool for reconnaissance and vulnerability scanning. SQLmap – Automatic SQL injection and database takeover tool. sslstrip – Demonstration of the HTTPS stripping attacks. crackpkcs12 – Multithreaded program to crack PKCS#12 files (.p12 and .pfx extensions), such as TLS/SSL certificates.

Web Exploitation

OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications. VHostScan – A virtual host scanner that performs reverse lookups and can be used with pivot tools, catch-all scenarios, aliases, and dynamic default pages. testssl.sh – Command line tool that checks a server's service on any port for support of TLS/SSL ciphers and protocols, as well as some cryptographic flaws. WhatWaf – Detect and bypass web application firewalls and protection systems. BlindElephant – Web application fingerprinter. autochrome – Easy to install test browser from NCCGroup with all the appropriate settings needed for web application testing, with native Burp support. liffy – LFI exploitation tool. DVCS Ripper – Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR. fimap – Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs. weevely3 – Weaponized web shell. Commix – Automated all-in-one operating system command injection and exploitation tool. FuzzDB – Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery. webscreenshot – A simple script to take screenshots of a list of websites. badtouch – Scriptable network authentication cracker.

Hex Editors

Hex Fiend – Fast, open source, hex editor for macOS with support for viewing binary diffs. Hexinator – World's finest (proprietary, commercial) Hex Editor. hexedit – Simple, fast, console-based hex editor. wxHexEditor – Free GUI hex editor for GNU/Linux, macOS, and Windows. Frhed – Binary file editor for Windows. HexEdit.js – Browser-based hex editing. 0xED – Native macOS hex editor that supports plug-ins to display custom data types. Bless – High quality, full featured, cross-platform graphical hex editor written in Gtk#.

File Format Analysis Tools

Kaitai Struct – File format and network protocol dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby. Hachoir – Python library to view and edit a binary stream as a tree of fields, and tools for metadata extraction. Veles – Binary data visualization and analysis tool.

Anti-virus Evasion Tools

UniByAv – Simple obfuscator that takes raw shellcode and uses a 32-bit XOR key to generate anti-virus-friendly executables. Hyperion – Runtime encryptor for 32-bit portable executables ("PE .exes"). Veil – Generate metasploit payloads that bypass common anti-virus solutions. peCloak.py – Automates the process of hiding a malicious Windows executable from antivirus (AV) detection. AntiVirus Evasion Tool (AVET) – Post-processes exploits containing executable files for Windows machines so that antivirus software does not recognize them. shellsploit – Generates custom shellcode, backdoors, injectors, optionally obfuscates every byte via encoders. peCloakCapstone – Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. Shellter – Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.

Hash Cracking Tools

BruteForce Wallet – Find the password of an encrypted wallet file (i.e. wallet.dat). JWT Cracker – Simple HS256 JWT token brute force cracker. Rar Crack – RAR bruteforce cracker. CeWL – Generates custom wordlists by spidering a target's website and collecting unique words. Hashcat – The faster hash cracker. StegCracker – Steganography brute-force utility to uncover hidden data inside files. John the Ripper – Fast password cracker.

Windows Utilities

DeathStar – Python script that automates gaining Domain Admin rights in Active Directory environments using the RESTful API of Empire. redsnarf – Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers and domain controllers. Responder – LLMNR, NBT-NS and MDNS poisoner. MailSniper – Modular tool for searching through email in a Microsoft Exchange environment, gathering the Global Address List from Outlook Web Access (OWA) and Exchange Web Services (EWS), and more. LaZagne – Credentials recovery project. Bloodhound – Graphical Active Directory trust relationship explorer. RID_ENUM – Python script that can enumerate all users from a Windows Domain Controller and brute force those users' passwords. SCOMDecrypt – Retrieve and decrypt RunAs credentials stored within Microsoft System Center Operations Manager (SCOM) databases. PowerSploit – PowerShell Post-Exploitation Framework. Empire – Pure PowerShell post-exploitation agent. Windows Credentials Editor – Inspect logon sessions and add, change, list and delete associated credentials, including Kerberos tickets. mimikatz – Credentials extraction tool for the Windows operating system. Magic Unicorn – Shellcode generator for multiple attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA) or certutil (using fake certificates). wePWNise – Generates architecture-independent VBA code for use in Office documents or templates and automates bypassing application control and exploit mitigation software. ruler – Abuses client-side Outlook features to gain a remote shell on a Microsoft Exchange server. Sysinternals Suite – The Sysinternals Troubleshooting Utilities. Fibratus – Tool for exploration and tracing of the Windows kernel. Windows Exploit Suggester – Detects potential missing patches on the target.

GNU / Linux Utilities

Lynis – Auditing tool for UNIX-based systems. Hwacha – Post-exploitation tool to quickly execute payloads via SSH on one or more Linux systems simultaneously. unix-privesc-check – Shell script to check for simple privilege escalation vectors on UNIX systems. Linux Exploit Suggester – Heuristic reporting on potentially viable exploits for a given GNU/Linux system.

macOS Utilities

Bella – Pure Python post-exploitation data mining and remote administration tool for macOS. EvilOSX – Modular RAT that uses numerous evasion and exfiltration techniques out-of-the-box.

DDoS Tools

LOIC – Open source network stress tool for Windows. T50 – Faster network stress tool. JS LOIC – JavaScript in-browser version of LOIC. UFONet – Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct various attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc. Memcrashed – DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using the Shodan API. HOIC – Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures. SlowLoris – DoS tool that uses low bandwidth on the attacking side.

Social Engineering Tools

King Phisher – Phishing campaign toolkit used to create and manage multiple simultaneous phishing attacks with custom email and server content. FiercePhish – Full-fledged phishing framework to manage all phishing engagements. ShellPhish – Social media site cloner and phishing tool built atop SocialFish. Gophish – Open-source phishing framework. Beelogger – Tool for generating keyloggers. Evilginx – MITM attack framework used for phishing credentials and session cookies from any web service. Catphish – Tool for phishing and corporate espionage written in Ruby. Social Engineer Toolkit (SET) – Open source pentesting framework for social engineering with a number of custom attack vectors to make believable attacks quickly. phishery – TLS/SSL enabled Basic Auth credential harvester. SocialFish – Social media phishing framework that can run on an Android phone or in a Docker container. Evilginx2 – Standalone man-in-the-middle attack framework. wifiphisher – Automated phishing attacks against WiFi networks. ReelPhish – Real-time two-factor phishing tool.

OSINT Tools

metagoofil – Metadata harvester. dork-cli – Command line Google dork tool. ZoomEye – Search engine for cyberspace that lets the user find specific network components. GyoiThon – GyoiThon is an Intelligence Gathering tool using Machine Learning. SimplyEmail – Email recon made fast and easy. Hunter.io – Data broker providing a web search interface for discovering a company's e-mail addresses and other organizational details. vcsmap – Plugin-based tool to scan public version control systems for sensitive information. surfraw – Fast UNIX command line interface to a variety of popular WWW search engines. sn0int – Semi-automatic OSINT framework and package manager. AQUATONE – Subdomain discovery tool using various open sources, producing a report that can be used as input to other tools. fast-recon – Perform Google dorks against a domain. theHarvester – E-mail, subdomain and people names harvester. OWASP Amass – Subdomain enumeration via scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc. Intrigue – Automated OSINT & Attack Surface discovery framework with powerful API, UI and CLI. Virus Total – Free service that analyzes suspicious files and URLs and helps quickly detect viruses, worms, trojans and all kinds of malware. Censys – Collects data on hosts and websites through daily ZMap and ZGrab scans. recon-ng – Full-featured web reconnaissance framework written in Python. PacketTotal – Simple, free, high-quality packet capture file analysis for network-borne malware (using Bro and Suricata IDS signatures under the hood). Threat Crowd – Search engine for threats. gOSINT – OSINT tool with multiple modules and a telegram scraper. Maltego – Proprietary software for open source intelligence and forensics, from Paterva. GooDork – Command line Google dorking tool. Spiderfoot – Multi-source OSINT automation tool with a web UI and report visualizations. BinGoo – GNU/Linux bash based Bing and Google Dorking Tool. FOCA (Fingerprinting Organizations with Collected Archives) – Automated document harvester that searches Google, Bing and DuckDuckGo to find and extrapolate internal company organizational structures. github-dorks – CLI tool to scan github repos/organizations for potential sensitive information leaks. image-match – Quickly search over trillions of images. Sn1per – Automated Pentest Recon Scanner. Shodan – World's first search engine for Internet-connected devices. DataSploit – OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes. dorks – Google hack database automation tool. Google Hacking Database – Database of Google dorks; can be used for recon. creepy – Geolocation OSINT tool. pagodo – Automate Google Hacking Database scraping. snitch – Information gathering via dorks. OSINT-SPY – Performs OSINT scans on email addresses, domain names, IP addresses, or organizations.

Anonymity Tools

Tor – Free software and onion routed overlay network that helps you defend against traffic analysis. oregano – Python module that runs as a machine-in-the-middle (MITM) accepting Tor client requests. Nipe – Script to redirect all traffic from the machine to the Tor network. What Every Browser Knows About You – Comprehensive detection page for testing the privacy and identity leaks of your own web browser. I2P – The Invisible Internet Project. dos-over-tor – Proof of concept denial of service over Tor stress test tool. OnionScan – Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators. kalitorify – Transparent proxy through Tor for Kali Linux OS.

Reverse Engineering Tools

x64dbg – Open source x64/x32 debugger for Windows. WDK/WinDbg – Windows Driver Kit and WinDbg. Voltron – Extensible debugger UI toolkit written in Python. Radare2 – Open source, crossplatform reverse engineering framework. Interactive Disassembler (IDA Pro) – Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free. plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code. peda – Python Exploit Development Assistance for GDB. Frida – Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Capstone – Lightweight multi-platform, multi-architecture disassembly framework. binwalk – Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images. Medusa – Open source, cross-platform interactive disassembler. Immunity Debugger – Powerful way to write exploits and analyze malware. boxxy – Linkable sandbox explorer. Evan's Debugger – OllyDbg-like debugger for GNU/Linux. OllyDbg – x86 debugger for Windows binaries that emphasizes binary code analysis. PyREBox – Python scriptable reverse engineering sandbox by Cisco-Talos. dnSpy – Tool to reverse engineer .NET assemblies. rVMI – Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.

Physical Access Tools

AT Commands – Use AT commands over the USB interface of an Android device to rewrite the device firmware, bypass security mechanisms, exfiltrate sensitive information, perform screen unlocks, and inject touch events. LAN Turtle – Covert "USB Ethernet Adapter" that provides remote access, network intelligence gathering, and MITM capabilities when installed in a local network. Packet Squirrel – Ethernet multi-tool designed to enable covert remote access, painless packet captures, and secure VPN connections with the flip of a switch. Poisontap – Siphons cookies, exposes the internal (LAN-side) router and installs a web backdoor on locked computers. USB Rubber Ducky – Customizable keystroke injection attack platform masquerading as a USB thumbdrive. Bash Bunny – Local exploit delivery tool in the form of a USB thumbdrive in which you write payloads in a DSL called BunnyScript. WiFi Pineapple – Wireless auditing and penetration testing platform. Proxmark3 – RFID/NFC cloning, replay, and spoofing toolkit often used for analyzing and attacking proximity cards/readers, wireless keys/keyfobs, and more. PCILeech – Uses PCIe hardware to read and write from target system memory via direct memory access (DMA) over PCIe.

Industrial Control and SCADA Systems

Industrial Exploitation Framework (ISF) – Metasploit-like exploit framework for industrial control systems (ICS), SCADA devices, PLC firmware, and more. s7scan – Scanner for enumerating Siemens S7 PLCs on a TCP/IP or LLC network.

Side-Channel Tools

ChipWhisperer – Complete open-source toolchain for side-channel power analysis and glitching attacks.

CTF Tools

RsaCtfTool – Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks. shellpop – Easily generate sophisticated reverse or bind shell commands to help you save time during penetration tests. ctf-tools – Collection of setup scripts to install various security research tools, easily and quickly deployable to new machines. Pwntools – Rapid exploit development framework built for use in CTFs.

Penetration Testing Report Templates

T&VS Pentesting Report Template – Pentest report template provided by Test and Verification Services, Ltd. Web Application Security Assessment Report Template – Sample web application security assessment reporting template provided by Lucideus. Public Pentesting Reports – Curated list of public penetration test reports released by various consulting firms and academic security groups.

Code Examples for Penetration Testing

goHackTools – Hacker tools on Go (Golang).

Vulnerability Databases – Hacking Tools

US-CERT Vulnerability Notes Database – Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT). CXSecurity – Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability. Microsoft Security Advisories – Archive of security advisories impacting Microsoft software. Open Source Vulnerability Database (OSVDB) – Historical archive of security vulnerabilities in computerized equipment, no longer adding to its vulnerability database as of April, 2016. HPI-VDB – Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam. Bugtraq (BID) – Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc. Exploit-DB – Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security. SecuriTeam – Independent source of software vulnerability information. Common Vulnerabilities and Exposures (CVE) – Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities. Microsoft Security Bulletins – Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC). Packet Storm – Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry. Vulnerability Lab – Open forum for security advisories organized by category of exploit target. Inj3ct0r (Onion service) – Exploit marketplace and vulnerability information aggregator. Vulners – Security database of software vulnerabilities. Mozilla Foundation Security Advisories – Archive of security advisories impacting Mozilla software, including the Firefox Web Browser. Full-Disclosure – Public, vendor-neutral forum for detailed discussion of vulnerabilities, often publishing details before many other sources. National Vulnerability Database (NVD) – United States government's National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine. Zero Day Initiative – Bug bounty program with a publicly accessible archive of published security advisories, operated by TippingPoint.

Security Courses – Hacking Tools

Computer Security Student – Many free tutorials, great for beginners, $10/mo membership unlocks all content. CTF Field Guide – Everything you need to win your next CTF competition. SANS Security Training – Computer Security Training & Certification. ARIZONA CYBER WARFARE RANGE – 24×7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare. European Union Agency for Network and Information Security – ENISA Cyber Security Training material. Open Security Training – Training material for computer security classes. Offensive Security Training – Training from BackTrack/Kali developers. Cybrary – Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book 'Penetration Testing for Highly-Secured Environments'.

Information Security Conferences – Hacking Tools

DEF CON – Annual hacker convention in Las Vegas. CarolinaCon – Infosec conference, held annually in North Carolina. SECUINSIDE – Security conference in Seoul. Hack3rCon – Annual US hacker conference. SummerCon – One of the oldest hacker conventions, held during summer. Troopers – Annual international IT security event with workshops held in Heidelberg, Germany. BruCON – Annual security conference in Belgium. SkyDogCon – Technology conference in Nashville. LayerOne – Annual US security conference held every spring in Los Angeles. BalCCon – Balkan Computer Congress, held annually in Novi Sad, Serbia. ShmooCon – Annual US East coast hacker convention. DeepSec – Security conference in Vienna, Austria. Hack.lu – Annual conference held in Luxembourg. ThotCon – Annual US hacker conference held in Chicago. BSides – Framework for organising and holding security conferences. Virus Bulletin Conference – Annual conference going to be held in Denver, USA for 2016. Black Hat – Annual security conference in Las Vegas. CHCon – Christchurch Hacker Con, the only South Island of New Zealand hacker con. Hackfest – Prominent hacking conference in Canada. Swiss Cyber Storm – Annual security conference in Lucerne, Switzerland. Nullcon – Annual conference in Delhi and Goa, India. AppSecUSA – Annual conference organized by OWASP. DerbyCon – Annual hacker conference based in Louisville. CCC – Annual meeting of the international hacker scene in Germany. Infosecurity Europe – Europe's number one information security event, held in London, UK. Ekoparty – Largest security conference in Latin America, held annually in Buenos Aires, Argentina. FSec – Croatian Information Security Gathering in Varaždin, Croatia. PhreakNIC – Technology conference held annually in middle Tennessee. 44Con – Annual security conference held in London. RSA Conference USA – Annual security conference in San Francisco, California, USA. DefCamp – Prominent security conference in Eastern Europe, held annually in Bucharest, Romania. HITB – Deep-knowledge security conference held in Malaysia and The Netherlands.

Information Security Magazines – Hacking Tools

2600: The Hacker Quarterly – American publication about technology and the computer "underground." Phrack Magazine – By far the longest running hacker zine.

Awesome Lists – Hacking Tools

Security – Software, libraries, documents, and other resources. Ruby Programming by @markets – The de-facto language for writing exploits. Honeypots – Honeypots, tools, components, and more. OSINT – Awesome OSINT list containing great resources. Security Talks – Curated list of security conferences. JavaScript Programming – In-browser development and scripting. Shell Scripting – Command line frameworks, toolkits, guides and gizmos. YARA – YARA rules, tools, and people. CTFs – Capture The Flag frameworks, libraries, etc. Ruby Programming by @Sdogruyol – The de-facto language for writing exploits. Node.js Programming by @sindresorhus – Curated list of delightful Node.js packages and resources. Python tools for penetration testers – Lots of pentesting tools are written in Python. Forensics – Free (mostly open source) forensic analysis tools and resources. Awesome Lockpicking – Awesome guides, tools, and other resources about the security and compromise of locks, safes, and keys. Android Security – Collection of Android security related resources. Python Programming by @svaksha – General Python programming. Python Programming by @vinta – General Python programming. Malware Analysis – Tools and resources for analysts. .NET Programming – Software framework for Microsoft Windows platform development. C/C++ Programming – One of the main languages for open source security tools. Pentest Cheat Sheets – Awesome Pentest Cheat Sheets. Awesome Awesomness – The List of the Lists. PCAP Tools – Tools for processing network traffic. Kali Linux Tools – List of tools present in Kali Linux. Ruby Programming by @dreikanter – The de-facto language for writing exploits. SecLists – Collection of multiple types of lists used during security assessments. SecTools – Top 125 Network Security Tools. AppSec – Resources for learning about application security. Infosec – Information security resources for pentesting, forensics, and more. InfoSec § Hacking challenges – Comprehensive directory of CTFs, wargames, hacking challenge websites, penetration testing practice lab exercises, and more. Hacking – Tutorials, tools, and resources.

Objectives of Penetration Testing

The primary objective of a pen test is to identify weak spots in the security posture of an organization, to measure compliance with its security policy, to test staff's awareness of security issues, and to determine whether and how the organization would be subject to security disasters. A penetration test can also highlight weaknesses in a company's security policies. For example, while a security policy may focus on preventing and detecting an attack on the company's systems, it may not include a process for expelling a hacker.

Contents