Folders and files Β
Β
Β
Β
Β
Β
Β
Β
View all files
Repository files navigation
π Information Gathering
π Vulnerability Analysis
π₯ Exploitation Tools
π‘ Wireless Attacks
π§βπ» Forensics Tools
β³ Stress Testing
π΅οΈββοΈ Sniffing & Spoofing
π Password Attacks
π Web Application Analysis
π§βπ» Reverse Engineering
π Reporting Tools
π Social Engineering Tools
𧩠Miscellaneous
π Information Gathering
π Nmap β Network scanning and mapping tool.
πΆ Kismet β Wireless network detector, sniffer, and intrusion detection.
π΅οΈ Maltego β OSINT and data mining tool for information analysis.
π¨ theHarvester β Tool to gather emails, subdomains, hosts, and more.
π Recon-ng β Full-featured web reconnaissance framework.
π΅οΈββοΈ SpiderFoot β Automate OSINT collection from multiple sources.
π Amass β Network mapping and external asset discovery tool.
ποΈ Sublist3r β Subdomain enumeration using search engines.
π§βπ» Assetfinder β Subdomain discovery using various sources.
π crt.sh β SSL certificate transparency log search engine.
π§ͺ Dnsrecon β Perform DNS enumeration and zone transfers.
π Fierce β DNS reconnaissance and attack tool.
π WHOIS β Domain registration and ownership lookup.
π¬ EmailHarvester β Email enumeration and gathering.
πΈοΈ Shodan β Search engine for internet-connected devices.
π₯ Censys β Search engine for hosts and networks on the internet.
π OSINT Framework β Collection of OSINT tools and resources.
π§βπ» FOCA β Metadata extraction and document analysis.
π‘οΈ Netcraft β Website profiling and phishing detection.
ποΈ BuiltWith β Website technology lookup and analysis.
π Vulnerability Analysis
π§ͺ OpenVAS β Open-source vulnerability scanner.
π‘οΈ Nessus β Commercial vulnerability assessment tool.
π΅οΈββοΈ Nikto β Web server scanner for detecting vulnerabilities.
πΊ Wapiti β Web application security scanner.
π§βπ» Vega β GUI-based web vulnerability scanner.
π·οΈ Arachni β Feature-rich web application security scanner.
π SQLmap β Automated SQL injection detection and exploitation tool.
πΈοΈ OWASP ZAP β Open-source web application security scanner.
π Nmap Vulners β Nmap NSE script for CVE detection.
π Retire.js β JavaScript library vulnerability scanner.
βοΈ Dependency-Check β Vulnerability analysis for project dependencies
π§βπ» Bandit β Security linter for Python code.
π Vuls β Agentless vulnerability scanner for Linux/FreeBSD servers.
π¦ Trivy β Vulnerability scanner for containers and dependencies.
π§βπ» Grype β Vulnerability scanner for container images and filesystems.
π§βπ» Safety β Python dependency security scanner.
π Lychee β Broken link checker with vulnerability detection potential.
π GitLeaks β Detect hardcoded secrets and sensitive data.
π§βπ» ScoutSuite β Multi-cloud security auditing tool.
π§βπ» CloudSploit β AWS security auditing tool.
π― Metasploit Framework β Powerful exploit development and penetration testing framework.
π Armitage β GUI front-end for Metasploit to visualize attacks
π BeEF (Browser Exploitation Framework) β Exploits browser vulnerabilities for client-side attacks.
π» ExploitDB β Archive of public exploits and proof-of-concept code.
π SearchSploit β Offline version of ExploitDB for quick exploit searching.
π sqlmap β Automated SQL injection exploitation tool.
π€ Commix β Automated command injection vulnerability scanner.
π₯οΈ RouterSploit β Exploits vulnerabilities in routers, IoT, and embedded devices.
π² SET (Social Engineering Toolkit) β Human hacking via phishing, payloads, and more.
π΅οΈββοΈ Empire β Post-exploitation framework for PowerShell agents.
π§βπ» Pupy β Cross-platform post-exploitation remote access tool (RAT).
𧨠Sliver β C2 framework for adversary simulation and red teaming.
π Shellter β Dynamic shellcode injector for Windows executables.
π¦ Merlin β Post-exploitation command & control server using HTTP/2.
π§ββοΈ Covenant β C#-based post-exploitation platform.
π PowerSploit β PowerShell scripts for post-exploitation.
π Windows Exploit Suggester β Suggests exploits based on Windows OS versions
π¦ PayloadsAllTheThings β Collection of payloads for exploits, fuzzing, and pentesting.
π§βπ» Fuzzbunch β NSAβs exploit framework (part of the Shadow Brokers leak).
π οΈ CrackMapExec β Swiss army knife for post-exploitation in Windows environments.
π‘ Aircrack-ng β WiFi cracking suite
π οΈ Reaver β WPS attack tool
π§βπ» Fern WiFi Cracker β Wireless network auditing tool
π Wifite β Automated wireless attack tool
π‘οΈ Kismet β Wireless network detector & sniffer
π MDK3 β Wireless network attack tool
π― PixieWPS β WPS offline attack tool
π§ WPA2 Wordlist Generator β Generate custom WPA2 wordlists
π΅οΈββοΈ Bully β WPS attack tool for brute-forcing
π Evil Twin β Create fake AP for capturing handshakes
π WiFi-Pumpkin β Man-in-the-middle framework for Wi-Fi networks
𧩠Airgeddon β Multi-use bash script for wireless auditing
π§βπ» Ghost Phisher β Wireless network attack tool for phishing
π§βπ§ NoCatSplash β Captive portal for Wi-Fi networks
π¦ Wifiphisher β Phishing tool for Wi-Fi networks
π‘ WLANPi β Wireless attack platform for pen-testers
π οΈ Cowpatty β Tool for offline WPA2 cracking
π Scapy β Python tool for packet manipulation and analysis
πΆ NetStumbler β Wi-Fi scanner for Windows
π Wi-Fi Pineapple β Wireless attack platform by Hak5
π§βπ» Forensics Tools
π§βπ» Autopsy β Digital forensics platform for analyzing hard drives and smartphones.
π§ Volatility β Memory forensics framework for analyzing RAM dumps.
ποΈ Binwalk β Firmware analysis tool for extracting embedded files.
π Sleuth Kit (TSK) β Command-line tools for disk image investigation.
π§βπ» ExifTool β Metadata extractor for images, videos, and documents.
ποΈ TestDisk β Disk recovery tool to restore lost partitions.
π PhotoRec β File recovery software for deleted files from disks.
π§βπ» Foremost β File carving tool for data recovery based on headers.
π Hashdeep β File hashing tool with recursive hashing & audit mode.
π§βπ» Bulk Extractor β Extracts email, URLs, and other artifacts from raw data.
ποΈ Digital Forensics Framework (DFF) β Open-source platform for digital forensics.
π§βπ» Xplico β Network forensics tool to reconstruct network sessions.
π§βπ» NetworkMiner β Passive network packet analyzer for network forensics.
π§βπ» Pdf-parser β Analyze and extract content from PDF files.
π§βπ» RegRipper β Windows registry analysis tool.
π§βπ» PEView β Portable executable (PE) file viewer for malware analysis.
π§βπ» YARA β Malware pattern-matching tool used by researchers.
π§βπ» HxD β Hex editor for raw disk editing and analysis.
π§βπ» FTK Imager β Disk imaging and evidence preview tool.
π§βπ» Capstone β Disassembly framework for binary analysis.
π Slowloris β HTTP DoS tool for keeping many connections open
π°οΈ LOIC β Low Orbit Ion Cannon for stress testing
π» HULK β HTTP flood tool that makes use of varied requests
π¦Έ GoldenEye β Python-based HTTP denial-of-service tool
π¨ Tsunami β Network stress testing and security evaluation
π R-U-Dead-Yet β Simple DoS testing tool
π§― DDoS-Sim β DDoS simulation tool
π₯ Xerxes β Powerful DDoS attack tool for testing purposes
π― Web-Hulk β Web server stress testing tool
π Synful β SYN flood tool for stress testing
π£ LOIC-PowerShell β PowerShell-based LOIC for DDoS testing
π T50 β A powerful stress testing tool that simulates multiple attack vectors
πͺοΈ RIP-Lite β Lightweight stress testing tool for HTTP and SOCKS
π Stress-ng β A tool that can stress test the CPU, RAM, I/O, and more
π οΈ XDT β DDoS testing tool with multi-protocol support
π₯ Botnet β DDoS botnet attack simulation tool
π¨ DDOS-Exploit β Exploit kit for DDoS stress testing
π‘οΈ Fudp β A multi-threaded UDP flooder for stress testing
β‘ BlackHAT β A stress testing framework for web applications
π΅οΈββοΈ Sniffing & Spoofing
π Wireshark β Network protocol analyzer
π΅οΈββοΈ Ettercap β Man-in-the-middle attack tool
β‘ BetterCAP β Flexible network attack & monitoring tool
π‘ Tcpdump β Command-line packet analyzer
π Nessus β Vulnerability scanner with sniffing capabilities
π Scapy β Python-based interactive packet manipulation program
π MITMf β Man-in-the-middle framework for network attacks
π¦ Fakenet-NG β Fake network traffic generation tool
πΎ Dsniff β Collection of network monitoring tools for penetration testers
π― Responder β LLMNR, NBT-NS, and MDNS poisoner for internal network attacks
π» Ettercap-NG β Enhanced version of Ettercap with additional features
π§βπ» Arp-Spoof β Tool to intercept network traffic by sending ARP packets
π WiFi-Pumpkin β WiFi spoofing tool
π£ Aircrack-ng β Suite for wireless network auditing and cracking WEP/WPA keys
𧩠Xplico β Network forensics tool that extracts applications' data from pcap files
π Pry-Fi β A tool to find and exploit vulnerabilities in wireless networks
π΅οΈββοΈ Kismet β Wireless network detector, sniffer, and intrusion detection system
π Burp Suite β Web vulnerability scanner and network attack tool with advanced interception features
π» Snoopy β Sniffing & spoofing tool focused on DNS & HTTP traffic
π‘ Snort β Open-source network intrusion detection & prevention system
π₯ John the Ripper β Password cracking tool for various password hashes.
π§βπ» Hydra β Brute-force tool that supports a wide range of protocols.
β‘ Hashcat β Advanced password recovery using GPUs.
π Medusa β A speedy, parallelized login brute-forcer.
π Aircrack-ng β WiFi password cracking suite.
π Wifite β Wireless network attack tool focused on WPA/WPA2.
π§ THC-Hydra β A very fast network login cracker.
π― Hash-Toolkit β A tool for password hash cracking.
π οΈ Brutus β An old but reliable password cracker for HTTP, FTP, and more.
π Burp Suite β A popular web vulnerability scanner with password attack features.
π§βπ» Ophcrack β A Windows password cracker using rainbow tables.
π» Cain & Abel β A versatile tool for cracking various password hashes, sniffing networks, and decoding passwords.
π L0phtCrack β Windows password auditing and recovery tool.
𧩠CrackStation β A free online service for cracking password hashes using dictionary attacks.
π RainbowCrack β A tool that utilizes rainbow tables to crack passwords.
π§βπ» Medusa β Parallelized login brute-forcer for multiple protocols.
π₯ Patator β A multi-purpose brute-forcing tool that supports numerous protocols.
π‘οΈ RSMangler β A hash bruteforce tool for creating password dictionaries.
π§βπ» CrackMapExec β A post-exploitation tool for automating credential validation.
π΅οΈββοΈ SudoKiller β A tool for privilege escalation that can be used for password cracking in Unix-based systems.
π Web Application Analysis
π§βπ» Burp Suite β Web security testing toolkit.
π΅οΈ OWASP ZAP β Open-source web application scanner.
π SQLmap β Automated SQL injection tool.
π Wappalyzer β Identify technologies on websites.
π§βπ» Dirb β Web content scanner.
π Gobuster β Directory and DNS brute-forcing.
π Nikto β Web server vulnerability scanner.
π§βπ» Sublist3r β Subdomain enumeration.
π΅οΈ Amass β Network mapping and subdomain enumeration.
π Httpx β Fast HTTP probing.
π FFUF β Fast web fuzzer.
π§βπ» WhatWeb β Identify web technologies.
π οΈ Nuclei β Vulnerability scanning and templating.
π§βπ» XSStrike β XSS detection and exploitation.
π Commix β Automated command injection.
π₯ WPScan β WordPress security scanner.
π‘οΈ Cmsmap β CMS detection and exploitation.
π Arachni β Advanced web vulnerability scanner.
π΅οΈ Waybackurls β Fetch URLs from Wayback Machine.
π§βπ» Unfurl β Extract URLs and data from URLs.
π§βπ» Reverse Engineering
π§ Ghidra β Open-source software reverse engineering framework.
π Radare2 β Command-line reverse engineering toolkit.
π οΈ OllyDbg β 32-bit assembler-level debugger for Windows.
π§βπ» IDA Pro β Industry-standard interactive disassembler
π Binary Ninja β Interactive binary analysis platform.
π‘οΈ x64dbg β Open-source Windows debugger for x64 and x86.
𧬠Cutter β GUI for Radare2 with advanced analysis features.
π Hopper β Mac & Linux disassembler with powerful analysis.
π§βπ» dnSpy β .NET debugger and assembly editor.
π RetDec β Open-source decompiler for machine code.
βοΈ angr β Python framework for binary analysis.
π§βπ» Frida β Dynamic instrumentation toolkit.
π Binary Analysis Toolkit (BAT) β Malware analysis and binary inspection.
π Rizin β Fork of Radare2 with a focus on usability.
ποΈ PEiD β Detect packers, cryptors, and compilers.
π§βπ» DiE (Detect It Easy) β Portable executable identifier.
π LIEF β Library for parsing and modifying executables.
π Snowman β Native code to C++ decompiler.
π§βπ» APKTool β Decompile and rebuild Android APKs.
π JEB Decompiler β Commercial decompiler for Android and other platforms.
π Dradis β Collaboration and reporting platform for pentesters.
π§βπ» Faraday β Multi-user penetration testing IDE.
π³ MagicTree β Pentesting productivity tool for data aggregation and reporting.
π Serpico β Simplifying pentest reporting using templates.
π LaTeX β High-quality typesetting system often used for security reports.
π reNgine β Automated reconnaissance framework with reporting.
π§βπ» ReconNote β Web-based notes manager for recon and reporting.
π Pentracker β Pentest reporting and management tool.
π Markdown β Lightweight markup language for clean report writing.
π Ghostwriter β Reporting and engagement management platform.
π VulnReport β Automated vulnerability reporting platform.
π Katana Framework β Post-exploitation and reporting utility.
π Pentest-Report-Template β Professional pentest report LaTeX template.
π ProofSuite β Automated proof of concept and reporting tool.
π§βπ» VulnWhisperer β Vulnerability management reporting with Nessus, Qualys, and OpenVAS.
π RiskSense β Risk-based vulnerability management and reporting.
π Pentestly β Powershell-based post-exploitation and reporting.
π SecReport β Report generation tool for pentesters.
π PwnDoc β Pentest reporting tool with customizable templates.
π§βπ» PenTest-Wiki β Knowledge base for pentesting & reporting references.
π Social Engineering Tools
π§βπ» SET (Social-Engineer Toolkit) β Advanced framework for social engineering attacks.
π§ King Phisher β Phishing campaign toolkit for testing and training.
π£ Phishing Frenzy β Phishing campaign automation platform.
πͺ€ Gophish β Open-source phishing toolkit for awareness and testing.
π© Evilginx2 β Phishing toolkit using reverse proxy for capturing credentials & tokens.
π΅οΈββοΈ HiddenEye β Modern phishing tool with advanced social engineering features.
π₯ BlackEye β Phishing tool with site cloning capabilities.
π Zphisher β Advanced phishing tool with tunneling support.
π‘ SocialFish β Social engineering phishing framework.
π§βπ» HiddenEye Reborn β Improved version of HiddenEye for phishing & spoofing.
π§βπ» EvilPhish β Social engineering tool for phishing websites.
π¬ ShellPhish β Automated phishing tool supporting multiple templates.
π§βπ» CamPhish β Webcam phishing attack tool.
π΅οΈ Weeman β HTTP server-based phishing framework.
π² QRGen β QR code phishing generator
π΅οΈ PyPhisher β Python-based phishing toolkit with multiple site templates.
πΈοΈ AdvPhishing β Advanced phishing tool with login page cloning.
π― SocialBox β Brute-force social media hacking toolkit.
π§βπ» XPhisher β Advanced phishing tool with inbuilt tunneling.
π CredSniper β Phishing framework with two-factor authentication bypass support.
π Kali Linux β Advanced penetration testing and security auditing OS.
π¦ Parrot Security OS β Security-focused OS for pentesting and privacy.
π§βπ» BackBox β Ubuntu-based Linux distro for penetration testing.
π΅οΈ BlackArch Linux β Arch-based OS with 2800+ hacking tools.
π Pentoo β Security-focused Gentoo-based Linux.
π§βπ» Tails β Privacy and anonymity-focused live OS.
π§ͺ CAINE β Digital forensics live Linux distro.
π§βπ» Bugtraq β Linux distro for pentesting & malware analysis.
π Whonix β Anonymous OS based on Tor.
π§ DEFT Linux β Digital evidence & forensics toolkit.
π Subgraph OS β Secure Linux distro with hardened kernel.
π§βπ» ArchStrike β Arch Linux repository for security tools.
π§βπ» Fedora Security Lab β Fedora spin for security auditing.
π§βπ» SamuraiWTF β Web application penetration testing environment.
π Cyborg Hawk β Security distro for penetration testing.
π§βπ» Matriux Krypton β Debian-based security distribution.
π₯ NodeZero β Ubuntu-based penetration testing OS.
π§βπ» GnackTrack β Linux live distribution for penetration testing.
π‘οΈ SELKS β Suricata-based IDS/IPS platform.
π΅οΈββοΈ PentestBox β Penetration testing toolkit for Windows.
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
You canβt perform that action at this time.