List of Penetration Testing & Hacking Tools
Contents
Online Resources
Penetration Testing Resources
Exploit Development
Open Source Intelligence (OSINT) Resources
Social Engineering Resources
Lock Picking Resources
Operating Systems
Tools
Penetration Testing Distributions
Docker for Penetration Testing
Multi-paradigm Frameworks
Network Vulnerability Scanners
Static Analyzers
Web Vulnerability Scanners
Network Tools
Exfiltration Tools
Network Reconnaissance Tools
Protocol Analyzers and Sniffers
Proxies and MITM Tools
Wireless Network Tools
Transport Layer Security Tools
Web Exploitation
Hex Editors
File Format Analysis Tools
Anti-virus Evasion Tools
Hash Cracking Tools
Windows Utilities
GNU/Linux Utilities
macOS Utilities
DDoS Tools
Social Engineering Tools
OSINT Tools
Anonymity Tools
Reverse Engineering Tools
Physical Access Tools
Industrial Control and SCADA Systems
Side-channel Tools
CTF Tools
Penetration Testing Report Templates
Code Examples for Penetration Testing
Online Resources
Penetration Testing Resources
Open Web Application Security Project (OWASP) – Worldwide not-for-profit charitable organization focused on improving the security of web-based and application-layer software in particular.
MITRE's Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) – Curated knowledge base and model of cyber-adversary behavior.
Penetration Testing Framework (PTF) – General framework for performing penetration tests that can be used by vulnerability analysts and penetration testers alike.
Penetration Testing Execution Standard (PTES) – Documentation designed to provide a common language and scope for carrying out and reporting a penetration test.
PENTEST-WIKI – Free online security knowledge library for pentesters and researchers.
XSS-Payloads – Ultimate resource for all things cross-site, including payloads, tools, games and documentation.
InfoSec Institute – Bootcamps for IT and security.
Metasploit Unleashed – Free Offensive Security Metasploit course.
Exploit Development
Shellcode Tutorial – Tutorial on how to write shellcode.
Shellcode Examples – Shellcodes database.
Exploit Writing Tutorials – Tutorials on how to develop exploits.
OSINT Resources
NetBootcamp OSINT Tools – Collection of OSINT links to other services and custom web interfaces. To navigate the categories, you can use the menu on the left.
OSINT Framework – Collection of various OSINT tools broken out by category.
CertGraph – Crawls a domain's SSL/TLS certificates for its certificate alternative names.
Intel Techniques – Collection of OSINT tools.
WiGLE.net – Information about wireless networks world-wide, with user-friendly desktop and web applications.
Social Engineering Resources
Social Engineering Framework – Information resource for social engineers.
Lock Picking Resources
/r/lockpicking – Resources for learning lockpicking, equipment recommendations.
Schuyler Towne channel – Lockpicking videos and security talks.
bosnianbill – More lockpicking videos.
Operating Systems
Cuckoo – Open source automated malware analysis system.
Tails – Live OS aimed at preserving privacy and anonymity.
Security @ Distrowatch – Website dedicated to the discussion, review and updating of open-source operating systems.
Security related Operating Systems @ Rawsec – Complete list of security related operating systems.
SIFT – Forensic workstation prepared by SANS.
Digital Evidence & Forensics Toolkit (DEFT) – Live CD for forensic analysis that can be run without tampering with or corrupting connected devices during the boot process.
Qubes OS – High-security operating system for strict isolation of applications.
Tools
Penetration Testing Distributions
AttifyOS – GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.
Kali – GNU/Linux distribution for forensics and penetration testing.
Network Security Toolkit (NST) – Bootable live operating system based on Fedora, designed to provide easy access to best-in-class open source network security applications.
Android Tamer – OS for Android Security Professionals. Includes all the tools required for Android security testing.
Buscador – GNU/Linux virtual machine that is pre-configured for online investigators.
The Pentesters Framework – Distro organized around the Penetration Testing Execution Standard (PTES) to provide a curated collection of utilities that eliminates often unused toolchains.
PentestBox – Open source pre-configured portable penetration testing environment for the Windows OS.
Parrot – Kali-like distribution, with support for multiple architectures.
BlackArch – Arch GNU/Linux-based distribution for penetration testers and security researchers.
ArchStrike – Arch GNU/Linux repository for security professionals and enthusiasts.
BackBox – Ubuntu-based distribution for penetration tests and security assessments.
Docker for Penetration Testing
docker pull phocean/msf – docker-metasploit.
docker pull opendns/security-ninjas – Security Ninjas.
docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed.
docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock.
docker pull webgoat/webgoat-8.0 – OWASP WebGoat Project 8.0 docker image.
docker pull ismisepaul/securityshepherd – OWASP Security Shepherd.
docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA).
docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation.
docker pull wpscanteam/wpscan – Official WPScan.
docker pull kalilinux/kali-linux-docker – Official Kali Linux.
docker pull diogomonica/docker-bench-security – Docker Bench for Security.
docker-compose build && docker-compose up – OWASP NodeGoat.
docker pull webgoat/webgoat-7.1 – OWASP WebGoat Project 7.1 docker image.
docker pull owasp/zap2docker-stable – Official OWASP ZAP.
docker pull vulnerables/cve-2017-7494 – Vulnerability as a service: SambaCry.
docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application.
docker pull bkimminich/juice-shop – OWASP Juice Shop.
Multi-paradigm Frameworks
Pupy – Cross-platform remote administration and post-exploitation tool (Windows, Linux, macOS, Android).
Faraday – Integrated multiuser pentesting environment for red teams performing cooperative penetration tests, security audits and risk assessments.
Metasploit – Software for offensive security teams to help verify vulnerabilities and manage security assessments.
Armitage – Java-based GUI front-end for the Metasploit Framework.
Decker – Penetration testing orchestration and automation framework that allows writing declarative, reusable configurations capable of ingesting variables and using the outputs of tools it has run as inputs to others.
ExploitPack – Graphical tool for automating penetration tests that ships with many pre-packaged exploits.
AutoSploit – Automated mass exploiter, which collects targets using the Shodan.io API and programmatically selects Metasploit exploit modules based on the Shodan query.
Network Vulnerability Scanners
Vuls – Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go.
Netsparker Application Security Scanner – Application security scanner to automatically find security flaws.
Nexpose – Commercial vulnerability and risk assessment engine that integrates with Rapid7's Metasploit.
Nessus – Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.
OpenVAS – Free software implementation of the popular Nessus vulnerability assessment system.
Static Analyzers
sobelow – Security-focused static analysis for the Phoenix Framework.
Progpilot – Static security analysis tool for PHP code.
cppcheck – Extensible C/C++ static analyzer focused on finding bugs.
RegEx-DoS – Analyzes source code for Regular Expressions susceptible to Denial of Service attacks.
bandit – Security oriented static analyser for Python code.
FindBugs – Free software static analyzer to look for bugs in Java code.
Brakeman – Static analysis security vulnerability scanner for Ruby on Rails applications.
Web Vulnerability Scanners
SQLmate – A friend of sqlmap that identifies SQLi vulnerabilities based on a given dork and website (optional).
WebReaver – Commercial, graphical web application vulnerability scanner designed for macOS.
SecApps – In-browser web application security testing suite.
Arachni – Scriptable framework for evaluating the security of web applications.
cms-explorer – Reveals the specific modules, plugins, components and themes that various websites powered by content management systems are running.
Netsparker Application Security Scanner – Application security scanner to automatically find security flaws.
Nikto – Noisy but fast black box web server and web application vulnerability scanner.
JCS – Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm.
Wapiti – Black box web application vulnerability scanner with built-in fuzzer.
joomscan – Joomla vulnerability scanner.
WPScan – Black box WordPress vulnerability scanner.
w3af – Web application attack and audit framework.
ACSTIS – Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Network Tools
impacket – Collection of Python classes for working with network protocols.
Printer Exploitation Toolkit (PRET) – Printer security testing tool capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL and PCL printer language features.
dnstwist – Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.
dsniff – Collection of tools for network auditing and pentesting.
Intercepter-NG – Multifunctional network toolkit.
hping3 – Network tool able to send custom TCP/IP packets.
scapy – Python-based interactive packet manipulation program & library.
THC Hydra – Online password cracking tool with built-in support for HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC and more.
SPARTA – Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.
IKEForce – Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities.
rshijack – TCP connection hijacker, Rust rewrite of shijack.
CrackMapExec – Swiss army knife for pentesting networks.
Praeda – Automated multi-function printer data harvester for gathering usable data during security assessments.
Zarp – Network attack tool centered around the exploitation of local networks.
pig – GNU/Linux packet crafting tool.
Network-Tools.com – Website offering an interface to many basic network utilities such as ping, traceroute, whois and more.
routersploit – Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
Exfiltration Tools
pwnat – Punches holes in firewalls and NATs.
DET – Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.
tgcd – Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.
Iodine – Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed.
Network Reconnaissance Tools
dnstracer – Determines where a given DNS server gets its information from, and follows the chain of DNS servers.
nmap – Free security scanner for network exploration & security audits.
zmap – Open source network scanner that enables researchers to easily perform Internet-wide network studies.
passivedns-client – Library and query tool for querying several passive DNS providers.
passivedns – Network sniffer that logs all DNS server replies for use in a passive DNS setup.
scanless – Utility for using websites to perform port scans on your behalf so as not to reveal your own IP.
CloudFail – Unmask the IP addresses of servers hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
DNSDumpster – Online DNS recon and search service.
dnsrecon – DNS enumeration script.
smbmap – Handy SMB enumeration tool.
Mass Scan – TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
XRay – Network (sub)domain discovery and reconnaissance automation tool.
fierce – Python3 port of the original fierce.pl DNS reconnaissance tool for locating non-contiguous IP space.
ACLight – Script for advanced discovery of sensitive Privileged Accounts – includes Shadow Admins.
dnsenum – Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
ScanCannon – Python script to quickly enumerate large networks by calling masscan to quickly identify open ports and then nmap to gain details on the systems/services on those ports.
dnsmap – Passive DNS network mapper.
Protocol Analyzers and Sniffers
Debookee – Simple and powerful network traffic analyzer for macOS.
sniffglue – Secure multithreaded packet sniffer.
tcpdump/libpcap – Common packet analyzer that runs under the command line.
Wireshark – Widely-used graphical, cross-platform network protocol analyzer.
Dripcap – Caffeinated packet analyzer.
netsniff-ng – Swiss army knife for network sniffing.
Netzob – Reverse engineering, traffic generation and fuzzing of communication protocols.
Dshell – Network forensic analysis framework.
Proxies and MITM Tools
SSH MITM – Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.
mitmproxy – Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Morpheus – Automated ettercap TCP/IP Hijacking tool.
dnschef – Highly configurable DNS proxy for pentesters.
MITMf – Framework for Man-In-The-Middle attacks.
Ettercap – Comprehensive, mature suite for machine-in-the-middle attacks.
evilgrade – Modular framework to take advantage of poor upgrade implementations by injecting fake updates.
mallory – HTTP/HTTPS proxy over SSH.
BetterCAP – Modular, portable and easily extensible MITM framework.
Wireless Network Tools
WiFi-arsenal – Resources for Wi-Fi Pentesting.
Kismet – Wireless network detector, sniffer, and IDS.
BoopSuite – Suite of tools written in Python for wireless auditing.
Wifite – Automated wireless attack tool.
WiFi-Pumpkin – Framework for rogue Wi-Fi access point attacks.
Fluxion – Suite of automated social engineering based WPA attacks.
Reaver – Brute force attack against WiFi Protected Setup.
KRACK Detector – Detect and prevent KRACK attacks in your network.
Aircrack-ng – Set of tools for auditing wireless networks.
Airgeddon – Multi-use bash script for Linux systems to audit wireless networks.
Bully – Implementation of the WPS brute force attack, written in C.
infernal-twin – Automated wireless hacking tool.
Cowpatty – Brute-force dictionary attack against WPA-PSK.
krackattacks-scripts – WPA2 Krack attack scripts.
Transport Layer Security Tools
testssl.sh – Command line tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols and some cryptographic flaws.
crackpkcs12 – Multithreaded program to crack PKCS#12 files (.p12 and .pfx extensions), such as TLS/SSL certificates.
tls_prober – Fingerprint a server's SSL/TLS implementation.
SSLyze – Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations.
Web Exploitation
Kadimus – LFI scan and exploit tool.
wafw00f – Identifies and fingerprints Web Application Firewall (WAF) products.
VHostScan – A reverse-lookup virtual host scanner that can be used with pivot tools, catch-all scenarios, aliases, and dynamic default pages.
sslstrip – Demonstration of the HTTPS stripping attacks.
Raccoon – High performance offensive security tool for reconnaissance and vulnerability scanning.
Offensive Web Testing Framework (OWTF) – Python-based framework for pentesting web applications based on the OWASP Testing Guide.
OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
GitTools – Automatically find and download web-accessible .git repositories.
liffy – LFI exploitation tool.
Kadabra – Automatic LFI exploiter and scanner.
autochrome – Easy to install a test browser from NCCGroup with all the appropriate settings needed for web application testing, with native Burp support.
Commix – Automated all-in-one operating system command injection and exploitation tool.
Browser Exploitation Framework (BeEF) – Command and control server for delivering exploits to commandeered web browsers.
Burp Suite – Integrated platform for performing security testing of web applications.
WPSploit – Exploit WordPress-powered websites with Metasploit.
sslstrip2 – SSLStrip version to defeat HSTS.
fimap – Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs.
webscreenshot – A simple script to take screenshots of a list of websites.
WhatWaf – Detect and bypass web application firewalls and protection systems.
tplmap – Automatic server-side template injection and web server takeover tool.
Wappalyzer – Wappalyzer uncovers the technologies used on websites.
EyeWitness – Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools.
recursebuster – Content discovery tool to perform directory and file bruteforcing.
SQLmap – Automatic SQL injection and database takeover tool.
BlindElephant – Web application fingerprinter.
NoSQLmap – Automatic NoSQL injection and database takeover tool.
WhatWeb – Website fingerprinter.
weevely3 – Weaponized web shell.
FuzzDB – Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
WordPress Exploit Framework – Ruby framework for developing and using modules which aid in the penetration testing of websites and systems powered by WordPress.
DVCS Ripper – Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR.
badtouch – Scriptable network authentication cracker.
Hex Editors
Hexinator – World's finest (proprietary, commercial-grade) Hex Editor.
Bless – High quality, full featured, cross-platform graphical hex editor written in Gtk#.
Frhed – Binary file editor for Windows.
wxHexEditor – Free GUI hex editor for GNU/Linux, macOS, and Windows.
hexedit – Simple, fast, console-based hex editor.
0xED – Native macOS hex editor that supports plug-ins to display custom data types.
HexEdit.js – Browser-based hex editing.
Hex Fiend – Fast, open source, hex editor for macOS with support for viewing binary diffs.
File Format Analysis Tools
Veles – Binary data visualization and analysis tool.
Hachoir – Python library to view and edit a binary stream as a tree of fields, and tools for metadata extraction.
Kaitai Struct – File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
Anti-virus Evasion Tools
Shellter – Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
peCloakCapstone – Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
UniByAv – Simple obfuscator that takes raw shellcode and uses a 32-bit XOR key to generate anti-virus friendly executables.
AntiVirus Evasion Tool (AVET) – Post-processes exploits containing executable files for Windows machines so that antivirus software does not recognize them.
shellsploit – Generates custom shellcode, backdoors, injectors, optionally obfuscating every byte via encoders.
Hyperion – Runtime encryptor for 32-bit portable executables ("PE .exes").
peCloak.py – Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
Veil – Generate metasploit payloads that bypass common anti-virus solutions.
Hash Cracking Tools
JWT Cracker – Simple HS256 JWT token brute force cracker.
Rar Crack – RAR bruteforce cracker.
StegCracker – Steganography brute-force utility to uncover hidden data inside files.
BruteForce Wallet – Find the password of an encrypted wallet file (i.e. wallet.dat).
Hashcat – The faster hash cracker.
CeWL – Generates custom wordlists by spidering a target's website and collecting unique words.
John the Ripper – Fast password cracker.
Windows Utilities
wePWNise – Generates architecture-independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
responder – LLMNR, NBT-NS and MDNS poisoner.
Magic Unicorn – Shellcode generator for multiple attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA) or certutil (using fake certificates).
Fibratus – Tool for exploration and tracing of the Windows kernel.
RID_ENUM – Python script that can enumerate all users of a Windows Domain Controller and brute force the passwords of those users.
mimikatz – Credentials extraction tool for Windows operating systems.
SCOMDecrypt – Retrieve and decrypt RunAs credentials stored within Microsoft System Center Operations Manager (SCOM) databases.
LaZagne – Credentials recovery project.
DeathStar – Python script that automates gaining Domain Admin rights in Active Directory environments using the RESTful API of Empire.
MailSniper – Modular tool for searching through email in a Microsoft Exchange environment, gathering the Outlook Web Access (OWA) and Exchange Web Services (EWS) Global Address List, and more.
Empire – Pure PowerShell post-exploitation agent.
Sysinternals Suite – The Sysinternals Troubleshooting Utilities.
redsnarf – Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers and domain controllers.
Windows Credentials Editor – Inspect logon sessions and add, change, list and delete associated credentials, including Kerberos tickets.
Ruler – Abuses client-side Outlook features to gain a remote shell on a Microsoft Exchange server.
PowerSploit – PowerShell Post-Exploitation Framework.
Bloodhound – Graphical Active Directory trust relationship explorer.
Windows Exploit Suggester – Detects potential missing patches on the target.
GNU / Linux Utilities
Linux Exploit Suggester – Heuristic reporting on potentially viable exploits for a given GNU/Linux system.
unix-privesc-check – Shell script to check for simple privilege escalation vectors on UNIX systems.
Hwacha – Post-exploitation tool to quickly execute payloads via SSH on one or more Linux systems simultaneously.
Lynis – Auditing tool for UNIX-based systems.
macOS Utilities
EvilOSX – Modular RAT that uses numerous evasion and exfiltration techniques out-of-the-box.
Bella – Pure Python post-exploitation data mining and remote administration tool for macOS.
DDoS Tools
UFONet – Abuses OSI layer 7 HTTP to create/manage 'zombies' and conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
Memcrashed – DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using the Shodan API.
LOIC – Open source network stress tool for Windows.
JS LOIC – JavaScript in-browser version of LOIC.
T50 – Faster network stress tool.
SlowLoris – DoS tool that uses low bandwidth on the attacking side.
HOIC – Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures.
Social Engineering Tools
Gophish – Open-source phishing framework.
Social Engineer Toolkit (SET) – Open source pentesting framework designed for social engineering, featuring a number of custom attack vectors to make believable attacks quickly.
Catphish – Tool for phishing and corporate espionage written in Ruby.
Evilginx – MITM attack framework used for phishing credentials and session cookies from any web service.
ReelPhish – Real-time two-factor phishing tool.
SocialFish – Social media phishing framework that can run on an Android phone or in a Docker container.
Evilginx2 – Standalone man-in-the-middle attack framework.
King Phisher – Phishing campaign toolkit used for creating and managing multiple phishing attacks simultaneously with custom email and server content.
FiercePhish – Full-fledged phishing framework to manage all phishing engagements.
wifiphisher – Automated phishing attacks against WiFi networks.
ShellPhish – Social media site cloner and phishing tool built atop SocialFish.
Beelogger – Tool for generating keyloggers.
phishery – TLS/SSL enabled Basic Auth credential harvester.
OSINT Tools
dork-cli – Command line Google dork tool.
vcsmap – Plugin-based tool to scan public version control systems for sensitive information.
AQUATONE – Subdomain discovery tool utilizing various open sources, producing a report that can be used as input to other tools.
OWASP Amass – Enumeration of subdomains through scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.
sn0int – Semi-automatic OSINT framework and package manager.
theHarvester – E-mail, subdomain and people names harvester.
OSINT-SPY – Performs OSINT scans on email addresses, domain names, IP addresses, or organizations.
metagoofil – Metadata harvester.
PacketTotal – Simple, free, high-quality packet capture file analysis for network-borne malware (using Bro and Suricata IDS signatures under the hood).
pagodo – Automate Google Hacking Database scraping.
Hunter.io – Data broker providing a web search interface for discovering a company's e-mail addresses and other organizational details.
Maltego – Proprietary software for open source intelligence and forensics, from Paterva.
Threat Crowd – Search engine for threats.
GyoiThon – GyoiThon is an Intelligence Gathering tool using Machine Learning.
image-match – Quickly search over millions of images.
snitch – Information gathering via dorks.
Virus Total – Free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans and all kinds of malware.
ZoomEye – Search engine for cyberspace that lets the user find specific network components.
github-dorks – CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.
Intrigue – Automated OSINT & Attack Surface discovery framework with powerful API, UI and CLI.
Shodan – World's first search engine for Internet-connected devices.
DataSploit – OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.
dorks – Google hack database automation tool.
GooDork – Command line Google dorking tool.
gOSINT – OSINT tool with multiple modules and a telegram scraper.
Sn1per – Automated Pentest Recon Scanner.
surfraw – Fast UNIX command line interface to a variety of popular WWW search engines.
Censys – Collects data on hosts and websites through daily ZMap and ZGrab scans.
FOCA (Fingerprinting Organizations with Collected Archives) – Automated document harvester that searches Google, Bing and DuckDuckGo to find and extrapolate internal company organizational structures.
recon-ng – Full-featured web reconnaissance framework written in Python.
creepy – Geolocation OSINT tool.
Google Hacking Database – Database of Google dorks; can be used for recon.
BinGoo – GNU/Linux bash based Bing and Google Dorking Tool.
Spiderfoot – Multi-source OSINT automation tool with a web UI and report visualizations.
fast-recon – Perform Google dorks against a domain.
SimplyEmail – Email recon made fast and easy.
Anonymity Tools
I2P – The Invisible Internet Project.
OnionScan – Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators.
oregano – Python module that runs as a machine-in-the-middle (MITM) accepting Tor client requests.
What Every Browser Knows About You – Comprehensive detection page to test your own web browser's privacy and identity leaks.
dos-over-tor – Proof of concept denial of service over Tor stress test tool.
Nipe – Script to redirect all traffic from the machine to the Tor network.
Tor – Free software and onion routed overlay network that helps you defend against traffic analysis.
kalitorify – Transparent proxy through Tor for Kali Linux OS.
Reverse Engineering Tools
WDK/WinDbg – Windows Driver Kit and WinDbg.
binwalk – Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
boxxy – Linkable sandbox explorer.
OllyDbg – x86 debugger for Windows binaries that emphasizes binary code analysis.
Capstone – Lightweight multi-platform, multi-architecture disassembly framework.
Voltron – Extensible debugger UI toolkit written in Python.
Evan's Debugger – OllyDbg-like debugger for GNU/Linux.
Interactive Disassembler (IDA Pro) – Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free.
Medusa – Open source, cross-platform interactive disassembler.
x64dbg – Open source x64/x32 debugger for Windows.
rVMI – Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.
PyREBox – Python scriptable Reverse Engineering sandbox by Cisco-Talos.
Immunity Debugger – Powerful way to write exploits and analyze malware.
plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax.
peda – Python Exploit Development Assistance for GDB.
dnSpy – Tool to reverse engineer .NET assemblies.
Radare2 – Open source, crossplatform reverse engineering framework.
Frida – Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Physical Access Tools
AT Commands – Use AT commands via the USB port of an Android device to rewrite the firmware of the device, bypass security mechanisms, exfiltrate sensitive information, unlock screens and inject events.
USB Rubber Ducky – Customizable keystroke injection attack platform masquerading as a USB thumbdrive.
Bash Bunny – Local exploit delivery tool in the form of a USB thumbdrive in which you write payloads in a DSL called BunnyScript.
LAN Turtle – Covert "USB Ethernet Adapter" that provides remote access, network intelligence gathering and MITM capabilities when installed on a local network.
Poisontap – Siphons cookies, exposes the internal (LAN-side) router and installs a web backdoor on locked computers.
PCILeech – Uses PCIe hardware to read and write target system memory via direct memory access (DMA) over PCIe.
Proxmark3 – RFID/NFC cloning, replay and spoofing toolkit, often used to analyze and attack proximity cards/readers, wireless keys/keyfobs, and more.
Packet Squirrel – Ethernet multi-tool designed to enable covert remote access, painless packet capture and secure VPN connections with the flip of a switch.
WiFi Pineapple – Wireless auditing and penetration testing platform.
Industrial Control and SCADA Systems
s7scan – Scanner for enumerating Siemens S7 PLCs on a TCP/IP or LLC network.
Industrial Exploitation Framework (ISF) – Metasploit-like exploitation framework targeting industrial control systems (ICS), SCADA devices, PLC firmware and more.
Side-channel Tools
ChipWhisperer – Complete open-source toolchain for side-channel power analysis and glitching attacks.
CTF Tools
RsaCtfTool – Decrypt data encrypted using weak RSA keys, and recover private keys from public keys using a variety of automated attacks.
Pwntools – Rapid exploit development framework built for use in CTFs.
ctf-tools – Collection of setup scripts to install various security research tools, easily and quickly deployable to new machines.
shellpop – Easily generate sophisticated reverse or bind shell commands to help you save time during penetration tests.
Penetration Testing Report Templates
Public Pentesting Reports – Curated list of public penetration test reports released by several consulting firms and academic security groups.
T&VS Pentesting Report Template – Pentest report template provided by Test and Verification Services, Ltd.
Web Application Security Assessment Report Template – Sample web application security assessment report template provided by Lucideus.
Code Examples for Penetration Testing
goHackTools – Hacker tools written in Go (Golang).
Vulnerability Databases
Vulnerability Lab – Open forum for security advisories organized by category of exploit target.
Microsoft Security Advisories – Archive of security advisories impacting Microsoft software.
Microsoft Security Bulletins – Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC).
Common Vulnerabilities and Exposures (CVE) – Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities.
Bugtraq (BID) – Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc.
Exploit-DB – Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.
US-CERT Vulnerability Notes Database – Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).
Full-Disclosure – Public, vendor-neutral forum for detailed discussion of vulnerabilities, often publishing details before many other sources.
CXSecurity – Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.
Vulners – Security database of software vulnerabilities.
National Vulnerability Database (NVD) – United States government's National Vulnerability Database, providing additional metadata (CPE, CVSS scoring) for the standard CVE List along with a fine-grained search engine.
SecuriTeam – Independent source of software vulnerability information.
Packet Storm – Compilation of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
Inj3ct0r (Onion service) – Exploit marketplace and vulnerability information aggregator.
Zero Day Initiative – Bug bounty program with a publicly accessible archive of published security advisories, operated by TippingPoint.
Open Source Vulnerability Database (OSVDB) – Historical archive of security vulnerabilities in computerized equipment; no longer adding to its vulnerability database as of April, 2016.
HPI-VDB – Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam.
Mozilla Foundation Security Advisories – Archive of security advisories impacting Mozilla software, including the Firefox Web Browser.
Security Courses
Cybrary – Free courses in ethical hacking and advanced penetration testing. The advanced penetration testing courses are based on the book "Penetration Testing for Highly-Secured Environments".
ARIZONA CYBER WARFARE RANGE – 24x7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare.
Offensive Security Training – Training from the BackTrack/Kali developers.
European Union Agency for Network and Information Security – ENISA Cyber Security Training material.
Open Security Training – Training material for computer security classes.
SANS Security Training – Computer Security Training & Certification.
CTF Field Guide – Everything you need to win your next CTF competition.
Computer Security Student – Many free tutorials, great for beginners; a $10/month membership unlocks all content.
Information Security Conferences
Hack.lu – Annual conference held in Luxembourg.
CCC – Annual meeting of the international hacker scene in Germany.
BruCON – Annual security conference in Belgium.
SECUINSIDE – Security Conference in Seoul.
CarolinaCon – Infosec conference, held annually in North Carolina.
RSA Conference USA – Annual security conference in San Francisco, California, USA.
Swiss Cyber Storm – Annual security conference in Lucerne, Switzerland.
Ekoparty – Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina.
DerbyCon – Annual hacker conference based in Louisville.
Virus Bulletin Conference – Annual conference, to be held in Denver, USA for 2016.
Hackfest – Largest hacking conference in Canada.
AppSecUSA – Annual conference organized by OWASP.
ShmooCon – Annual US East coast hacker convention.
DeepSec – Security Conference in Vienna, Austria.
ThotCon – Annual US hacker conference held in Chicago.
DefCamp – Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania.
HITB – Deep-knowledge security conference held in Malaysia and The Netherlands.
Nullcon – Annual conference in Delhi and Goa, India.
LayerOne – Annual US security conference held every spring in Los Angeles.
SkyDogCon – Technology conference in Nashville.
Black Hat – Annual security conference in Las Vegas.
FSec – Croatian Information Security Gathering in Varaždin, Croatia.
SummerCon – One of the oldest hacker conventions, held during Summer.
PhreakNIC – Technology conference held annually in middle Tennessee.
BalCCon – Balkan Computer Congress, held annually in Novi Sad, Serbia.
BSides – Framework for organising and holding security conferences.
DEF CON – Annual hacker convention in Las Vegas.
CHCon – Christchurch Hacker Con, the only South Island of New Zealand hacker con.
Infosecurity Europe – Europe's number one information security event, held in London, UK.
Troopers – Annual international IT Security event with workshops, held in Heidelberg, Germany.
44Con – Annual Security Conference held in London.
Hack3rCon – Annual US hacker conference.
Information Security Magazines
Phrack Magazine – By far the longest running hacker zine.
2600: The Hacker Quarterly – American publication about technology and the computer "underground."
Awesome Lists
AppSec – Resources for learning about application security.
CTFs – Capture The Flag frameworks, libraries, etc.
.NET Programming – Software framework for Microsoft Windows platform development.
Python tools for penetration testers – Lots of pentesting tools are written in Python.
Pentest Cheat Sheets – Awesome Pentest Cheat Sheets.
Awesome Awesomness – The List of the Lists.
Ruby Programming by @dreikanter – The de-facto language for writing exploits.
SecTools – Top 125 Network Security Tools.
Kali Linux Tools – List of tools present in Kali Linux.
SecLists – Collection of multiple types of lists used during security assessments.
Shell Scripting – Command-line frameworks, toolkits, guides and gizmos.
PCAP Tools – Tools for processing network traffic.
Hacking – Tutorials, tools, and resources.
C/C++ Programming – One of the main languages for open source security tools.
Android Security – Collection of Android security related resources.
Security – Software, libraries, documents, and other resources.
Ruby Programming by @markets – The de-facto language for writing exploits.
Python Programming by @svaksha – General Python programming.
YARA – YARA rules, tools, and people.
Malware Analysis – Tools and resources for analysts.
JavaScript Programming – In-browser development and scripting.
Ruby Programming by @Sdogruyol – The de-facto language for writing exploits.
Node.js Programming by @sindresorhus – Curated list of delightful Node.js packages and resources.
Python Programming by @vinta – General Python programming.
InfoSec § Hacking challenges – Comprehensive directory of CTFs, wargames, hacking challenge websites, penetration testing practice lab exercises, and more.
Security Talks – Curated list of security conferences.
Infosec – Information security resources for pentesting, forensics, and more.
Forensics – Free (mostly open source) forensic analysis tools and resources.
OSINT – Awesome OSINT list containing great resources.
Honeypots – Honeypots, tools, components, and more.
Awesome Lockpicking – Awesome guides, tools, and other resources about the security and compromise of locks, safes, and keys.
A penetration test can also demonstrate weaknesses in the security policy of a company. For example, while a security policy may focus on preventing and detecting an attack on the company's systems, it may not include a process for expelling an intruder once one is found.

Objectives of penetration testing

The primary objective of a pen test is to identify weak spots in the security posture of an organization, to measure compliance with its security policy, to test staff awareness of security issues, and to determine whether and how the organization would be subject to security disasters.