Skip to content

Latest commit

 

History

History
107 lines (97 loc) · 3.33 KB

File metadata and controls

107 lines (97 loc) · 3.33 KB

Hacking tools

Penetration-testing and security-audit tools, grouped by engagement phase. Only use them against systems you own or are explicitly authorized to test.

Information gathering

Map the target: discover hosts, open ports, subdomains, and services. [nmap](/man/nmap) [zenmap](/man/zenmap) [masscan](/man/masscan) [netdiscover](/man/netdiscover) [amass](/man/amass) [subfinder](/man/subfinder) [dmitry](/man/dmitry) [ike-scan](/man/ike-scan) [enum4linux](/man/enum4linux) [smbmap](/man/smbmap)

Vulnerability analysis

Scan discovered services for known weaknesses and misconfigurations. [nikto](/man/nikto) [nuclei](/man/nuclei) [lynis](/man/lynis) [nmap](/man/nmap)

Web application analysis

Probe web applications: intercept requests, brute-force paths, and test for injection. [burpsuite](/man/burpsuite) [sqlmap](/man/sqlmap) [gobuster](/man/gobuster) [feroxbuster](/man/feroxbuster) [dirb](/man/dirb) [ffuf](/man/ffuf) [wfuzz](/man/wfuzz) [wpscan](/man/wpscan) [whatweb](/man/whatweb) [wafw00f](/man/wafw00f) [skipfish](/man/skipfish) [httrack](/man/httrack)

Password attacks

Generate wordlists and recover or test credentials, offline (hash cracking) and online (login brute-forcing). [hashcat](/man/hashcat) [john](/man/john) [hydra](/man/hydra) [medusa](/man/medusa) [ncrack](/man/ncrack) [ophcrack](/man/ophcrack) [pyrit](/man/pyrit) [rcrack](/man/rcrack) [cewl](/man/cewl) [crunch](/man/crunch)

Wireless attacks

Audit Wi-Fi networks and RFID/NFC cards. [aircrack-ng](/man/aircrack-ng) [wifite](/man/wifite) [reaver](/man/reaver) [kismet](/man/kismet) [giskismet](/man/giskismet) [mfoc](/man/mfoc) [mfterm](/man/mfterm) [chirpw](/man/chirpw)

Exploitation tools

Frameworks and tools for exploiting confirmed vulnerabilities and moving through a network. [msfconsole](/man/msfconsole) [msfpc](/man/msfpc) [searchsploit](/man/searchsploit) [sqlmap](/man/sqlmap) [netexec](/man/netexec) [crackmapexec](/man/crackmapexec) [evil-winrm](/man/evil-winrm) [setoolkit](/man/setoolkit) [beef-xss](/man/beef-xss) [yersinia](/man/yersinia) [thc-ipv6](/man/thc-ipv6) [termineter](/man/termineter)

Sniffing & Spoofing

Capture, inspect, and manipulate network traffic. [wireshark](/man/wireshark) [tcpdump](/man/tcpdump) [mitmproxy](/man/mitmproxy) [bettercap](/man/bettercap) [ettercap](/man/ettercap) [netsniff-ng](/man/netsniff-ng) [driftnet](/man/driftnet) [macchanger](/man/macchanger)

Forensics

Analyze disks, memory dumps, and file artifacts after an incident. [autopsy](/man/autopsy) [volatility](/man/volatility) [binwalk](/man/binwalk) [bulk_extractor](/man/bulk_extractor) [foremost](/man/foremost) [hashdeep](/man/hashdeep) [chkrootkit](/man/chkrootkit) [galleta](/man/galleta) [mdb-sql](/man/mdb-sql) [sqlitebrowser](/man/sqlitebrowser)

Reporting tools

Capture evidence and organize findings for the report. [cutycapt](/man/cutycapt) [keepnote](/man/keepnote) [recordmydesktop](/man/recordmydesktop)