| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| ASLRay | [Source] | Tool for ASLR bypass with stack-spraying | Shell | Free | False | |
| heaphopper | [Website] | [Source] | Bounded model checking framework for Heap-implementations | Python | Free | False |
| libformatstr | [Source] | Library to simplify format string exploitation | Python | Free | False | |
| pwntools | [Source] | Framework and exploit development library | Python | Free | False | |
| ROPgadget | [Website] | [Source] | Framework for ROP exploitation | Python | Free | False |
Tools
Note: Paid softwares may exist in a free limited version or a demo version
Binary Exploitation
Bug Bounty
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bountyplz | [Source] | Automated bug bounty reporting/submission, supports HackerOne and Bugcrowd | Shell | Free | False |
Code Analysis
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| AndroBugs Framework | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| MobSF | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| NodeJsScan | [Source] | Static security code scanner for Node.js applications | Python | Free | False | |
| QARK | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| StaCoAn | [Source] | Mobile applications static code analysis tool | Python | Free | False | |
| SUPER | [Website] | [Source] | Android APK vulnerability analyzer | Rust | Free | False |
Collaboration and Report
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Archery | [Website] | [Source] | Vulnerability Assessment and Management tool, run scan and manage vulnerabilities | Python | Free | False |
| DART | [Source] | Documentation And Reporting Tool; Collaborative penetration test and vulnerability management platform | Python | Free | False | |
| Dradis | [Website] | [Source] | Collaborative penetration test and vulnerability management platform | Ruby | Paid | False |
| Faraday | [Website] | [Source] | Collaborative penetration test and vulnerability management platform | Python | Paid | False |
| Kvasir | [Source] | Pentest data management tool | Python | Free | False | |
| Lair | [Website] | [Source] | Collaborative penetration test and vulnerability management platform | JavaScript | Free | False |
| OWASP PenText | [Website] | [Source] | Collection of XML templates, XML schemas and XSLT code, to generate IT security documents including test reports, offers and invoices | Free | False | |
| Prithvi | [Website] | [Source] | Report generation tool for pentester with provided OWASP data | JavaScript | Free | False |
| Serpico | [Source] | SimplE RePort wrIting and CollaboratiOn tool, penetration testing report generation and collaboration tool | Ruby | Free | False | |
| Sh00t | [Source] | Pentesting platform with dynamic task manager, checklists, bug template & bug report | Python | Free | False | |
| Vulnreport | [Website] | [Source] | Pentesting management and automation platform | Ruby | Free | False |
| MISP | [Website] | [Source] | Malware Information Sharing Platform, an Open Source threat intelligence plateform and open standards for threat information sharing | PHP | Free | False |
Configuration audit
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Nipper Studio | [Website] | Tool that parse router, switch, firewall configuration to discover vulnerabilities | Paid | False | ||
| Nipper-ng | [Source] | Tool that parse router, switch, firewall configuration to discover vulnerabilities | Cplusplus | Free | False |
Cracking
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Cracklord | [Website] | [Source] | Scalable, pluggable, and distributed system for password cracking | Go | Free | False |
| GoCrack | [Source] | Management frontend for password cracking tools, supporting hashcat | Go | Free | False | |
| Hashcat | [Website] | [Source] | Password cracking tool | C | Free | False |
| Hashtopolis | [Source] | Hashcat wrapper for distributed hashcracking | PHP | Free | False | |
| Hashview | [Website] | [Source] | Web-UI for managing, organizing, automating hashcat commands/tasks | Ruby | Free | False |
| Hydra | [Website] | [Source] | Network login cracker | C | Free | False |
| John The Ripper | [Website] | Password cracking tool | C | Free | False | |
| John the Ripper, Jumbo version | [Website] | [Source] | Password cracking tool, community-enhanced version of John The Ripper | C | Free | False |
| Medusa | [Website] | Network login cracker | Free | False | ||
| Medusa-gui | [Source] | GUI for Medusa | Java | Free | False | |
| Ncrack | [Website] | [Source] | Network login cracker | Cplusplus | Free | False |
| Nozzlr | [Source] | Bruteforce framework | Python | Free | False | |
| Ophcrack | [Website] | [Source] | Windows password cracker based on rainbow tables | Free | False | |
| Patator | [Source] | Multi-protocol bruteforce tool | Python | Free | False |
Cryptography
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| crypto-identifier | [Source] | Tool that try to identify what cipher is used and uncipher the data | Python | Free | False | |
| Crypton | [Source] | Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Hashing Algorithms along with example challenges from CTFs | Python | Free | False | |
| Dcode | [Website] | Code and decode all kind of checksums, algorithms, codes or ciphers | Free | True | ||
| FeatherDuster | [Source] | Cryptanalysis tool and library | Python | Free | False | |
| PkCrack | [Website] | Tool for breaking PkZip encryption | Free | False | ||
| RsaCtfTool | [Source] | Tool to conduct manual or automated attack on RSA | Python | Free | False | |
| RSATool | [Source] | Tool to calculate RSA parameters | Python | Free | False | |
| RSHack | [Source] | RSA attack and key manipulation tool | Free | False | ||
| XORTool | [Source] | Tool to analyze multi-byte xor cipher | Python | Free | False |
Digital Forensics
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Cerbero Profiler | [Website] | File analyzer and inspector | Paid | False | ||
| dnscat2 | [Source] | Encrypted command-and-control (C&C) channel over the DNS protocol, data exfiltration | Cplusplus | Free | False | |
| ExifTool | [Website] | [Source] | Library and CLI tool for reading, writing and editing metadata for a lot of file types | Perl | Free | False |
| extundelete | [Website] | [Source] | Tool to recover deleted files from an ext3 or ext4 partition | Free | False | |
| Fibratus | [Source] | Tool for exploration and tracing of the Windows kernel | Python | Free | False | |
| Foremost | [Website] | [Source] | CLI tool to recover files based on their headers, footers, and internal data structures | Free | False | |
| rekall | [Website] | [Source] | Volatile memory extraction utility | Python | Free | False |
| ResourcesExtract | [Website] | Scans dll/ocx/exe files and extract all resources found, Windows only | Free | False | ||
| shellbags | [Source] | Shellbag parser (Windows Registry Keys) | Python | Free | False | |
| volatility | [Website] | [Source] | Volatile memory extraction utility | Python | Free | False |
Honeypot and Decoy
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| DejaVU | [Source] | Deception framework which can be used to deploy decoys across the infrastructure | Free | False |
Incident Response
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| DFIRTrack | [Source] | Incident response tracking web application, focused on handling one major incident with a lot of affected systems | Python | Free | False |
Intentionally Vulnerable Applications
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bWAPP | [Website] | [Source] | Buggy Web Application, insecure webapp for security trainings | PHP | Free | False |
| DVIA | [Website] | [Source] | Damn Vulnerable iOS App, insecure webapp for mobile security trainings | Swift | Free | False |
| DVWA | [Website] | [Source] | Damn Vulnerable Web Application, insecure webapp for security trainings | PHP | Free | False |
| Google Gruyere | [Website] | [Source] | Codelab for white-box and black-box hacking | Python | Free | True |
| Hackazon | [Source] | Intentionally vulnerable web shopping application using modern technologies and containing configurable areas | PHP | Free | False | |
| OWASP Mutillidae II | [Website] | [Source] | Intentionally vulnerable web-application containing some OWASP Top Ten vulnerabilities, with hints and switch for secure version of the code | PHP | Free | False |
| OWASP WebGoat | [Website] | [Source] | Deliberately insecure web application to teach web application security lessons | Java | Free | False |
| XVNA | [Source] | Extreme Vulnerable Node Application, insecure webapp for security trainings | JavaScript | Free | False |
Networking
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| archtorify | [Source] | Script for Arch Linux which use iptables settings to create a transparent proxy through Tor Network | Shell | Free | False | |
| bettercap | [Website] | [Source] | MITM framework | Ruby | Free | False |
| BruteX | [Source] | Tool using nmap and hydra to automatically bruteforce network service accounts | Shell | Free | False | |
| CapAnalysis | [Website] | [Source] | PCAP analyzer | C | Free | True |
| chisel | [Source] | Fast TCP tunneling over HTTP secured by SSH | Go | Free | False | |
| CloudShark | [Website] | PCAP analyzer | Paid | True | ||
| Garfield | [Source] | Attack framework for distributed systems | Python | Free | False | |
| kalitorify | [Source] | Script for Kali Linux which use iptables settings to create a transparent proxy through Tor Network | Shell | Free | False | |
| Masscan | [Source] | Port scanner for massive networks | C | Free | False | |
| nemesis | [Website] | [Source] | Packet manipulation CLI tool; craft and inject packets of several protocols | Python | Free | False |
| Netfort Free Cloud Based PCAP Analysis | [Website] | PCAP analyzer; needs registration | Free | True | ||
| NetworkMiner | [Website] | Network sniffer/packet capturing tool | Free | False | ||
| NetworkTotal | [Website] | PCAP analyzer; using Suricata | Free | True | ||
| Nipe | [Source] | Script to make TOR as default gateway | Perl | Free | False | |
| Nmap | [Website] | [Source] | Tool for network discovery and security auditing | C | Free | False |
| NMapGUI | [Source] | Advanced GUI for Nmap | Java | Free | False | |
| PacketFu | [Source] | Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols | Ruby | Free | False | |
| PacketTotal | [Website] | PCAP analyzer; using Bro, Suricata and Elasticsearch | Free | True | ||
| PacketWhisper | [Source] | Stealthy Data exfiltration via DNS, without the need for attacker-controlled Name Servers or domain | Python | Free | False | |
| polarbearscan | [Website] | [Source] | Port scanner and banner grabber | C | Free | False |
| Polymorph | [Source] | Real-time network packet manipulation framework | Python | Free | False | |
| Responder | [Source] | LLMNR, NBT-NS and MDNS poisoner to intercept authentication requests/answers | Python | Free | False | |
| Scapy | [Website] | [Source] | Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols | Python | Free | False |
| Seth | [Source] | RDP MitM tool | Python | Free | False | |
| Singularity | [Website] | [Source] | DNS rebinding attack framework | Go | Free | False |
| ssh-audit | [Source] | SSH scanner that detects protocol, version, grab banner, recognize software and operating system, output algorithm information and recommendations | Python | Free | False | |
| Whonow | [Source] | DNS Server for executing DNS Rebinding attacks | JavaScript | Free | False | |
| Wireshark | [Website] | [Source] | Network protocol analyzer | Cplusplus | Free | False |
| yersinia | [Source] | Framework for layer 2 attacks | C | Free | False | |
| Zenmap | [Website] | [Source] | GUI for Nmap | Python | Free | False |
| Zmap | [Website] | [Source] | Collection of tools to scan and study massive networks | C | Free | False |
OSINT and Reconnaissance
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Amass | [Source] | Tool for subdomain enumeration | Go | Free | False | |
| badKarma | [Source] | Advanced network reconnaissance tool | Python | Free | False | |
| Belati | [Source] | OSINT tool, collect data and document actively or passively | Python | Free | False | |
| datasploit | [Website] | [Source] | OSINT framework, find, aggregate and export data | Python | Free | False |
| EagleEye | [Source] | OSINT tool, image recognition on instagram, facebook and twitter | Python | Free | False | |
| eTools.ch | [Website] | Metasearch engine, query 16 search engines in parallel | Free | True | ||
| Facebook_OSINT_Dump | [Source] | OSINT tool, facebook profile dumper, windows and chrome only | Shell | Free | False | |
| FOCA | [Website] | [Source] | OSINT framework and metadata analyser | Csharp | Free | False |
| gOSINT | [Source] | OSINT framework; find mails, dumps, retrieve Telegram history and info about hosts | Go | Free | False | |
| Harpoon | [Source] | CLI tool; collect data and document actively or passively | Python | Free | False | |
| Kostebek | [Source] | Tool to find firms domains by searching their trademark information | Python | Free | False | |
| leakScraper | [Source] | Set of tools to process and visualize huge text files containing credentials | Python | Free | False | |
| LinEnum | [Source] | System script for local Linux enumeration and privilege escalation checks | Shell | Free | False | |
| ODIN | [Source] | Observe, Detect, and Investigate Networks, Automated reconnaissance tool | Python | Free | False | |
| Omnibus | [Source] | OSINT framework; collection of tools | Python | Free | False | |
| OSINT Framework | [Website] | [Source] | A web-based collection of tools and resources for OSINT | Javascript | Free | True |
| Photon | [Source] | Fast crawler designed for OSINT | Python | Free | False | |
| PITT | [Source] | Web browser loaded with links and extensions for doing OSINT | Free | False | ||
| ReconDog | [Source] | Multi-purpose reconnaissance tool, CMS detection, reverse IP lookup, port scan, etc. | Python | Free | False | |
| Reconnoitre | [Source] | Tool made to automate information gathering and service enumeration while storing results | Python | Free | False | |
| Red Team Arsenal | [Source] | Automated reconnaissance scanner and security checks | Python | Free | False | |
| Sandmap | [Website] | [Source] | Network and system reconnaissance scanner using Nmap | Shell | Free | False |
| SiteBroker | [Source] | Tool for information gathering and penetration test automation | Python | Free | False | |
| Sn1per | [Source] | Automated reconnaissance scanner | Shell | Free | False | |
| spiderfoot | [Website] | [Source] | OSINT framework, collect and manage data, scan target | Python | Free | False |
| Sublist3r | [Source] | Subdomains enumeration tool | Python | Free | False | |
| Th3inspector | [Source] | Multi-purpose information gathering tool | Perl | Free | False | |
| tinfoleak | [Source] | Twitter intelligence analysis tool | Python | Free | False | |
| trape | [Source] | Analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time | Python | Free | False |
Other
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Firefox Monitor | [Website] | Service to check if an account has been compromised in a data breach | Free | True | ||
| Have i been pwned? | [Website] | Service to check if an account has been compromised in a data breach | Free | True | ||
| hideNsneak | [Source] | CLI tool for ephemeral penetration testing, rapidly deploy and manage various cloud services | Go | Free | False | |
| inlite | [Website] | Scan QR-code, 1D, DataMatrix, Postal, PDF417, and more | Free | True | ||
| Metasploit | [Website] | [Source] | Tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit, 4 versions: Pro (paid), Express (paid), Community (free with GUI but on request), Framework (free, open source, CLI) | Ruby | Paid | False |
| PentestBox | [Website] | [Source] | Pre-configured portable penetration testing environment for Windows, all-in-one box | Free | False | |
| PWDQUERY | [Website] | Service to check if an account has been compromised in a data breach | Free | True | ||
| Scrounger | [Source] | Mobile application testing toolkit, the mobile metasploit-like framework | Python | Free | False | |
| Tool-X | [Source] | Kali linux hacking tool installer | Python | Free | False | |
| v0lt | [Source] | CTF toolkit / framework | Python | Free | False | |
| webqr | [Website] | Scan & create QR-code | Free | True | ||
| ysoserial | [Source] | Tool for generating payloads that exploit unsafe Java object deserialization | Java | Free | False |
Plugins
| Name | For | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|---|
| AWS Extender | Burp Suite | [Source] | Identify and test S3 buckets, Google Storage buckets and Azure Storage containers for common misconfiguration | Python | Free | False | |
| GEF | GDB | [Source] | GDB Enhanced Features, multi-architecture | Python | Free | False | |
| PEDA | GDB | [Source] | Python Exploit Development Assistance, (only python2.7) | Python | Free | False | |
| Pwndbg | GDB | [Source] | Enhance GDB, for exploit development and reverse engineering | Python | Free | False | |
| Sploitego | Maltego | [Source] | Maltego penetration testing Transforms | Python | Free | False | |
| XSSor | Burp Suite | [Source] | semi-automatic reflected and persistent XSS scanner | Python | Free | False |
Reverse Engineering
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| androguard | [Source] | Tool for reverse engineering and malware analysis of Android applications | Python | Free | False | |
| angr | [Source] | Platform-agnostic binary analysis framework | Python | Free | False | |
| ANY RUN | [Website] | Online virtual machine for malware hunting, sandbox with interactive access, real-time data-flow | Free | True | ||
| Apk2Gold | [Source] | Android decompiler (wrapper for apktool, dex2jar, and jd-gui) | Shell | Free | False | |
| Apktool | [Website] | [Source] | Android disassembler and rebuilder | Java | Free | False |
| arm_now | [Source] | Tool that allows instant setup of virtual machines on various architectures for reverse, exploit, fuzzing and programming purpose | Python | Free | False | |
| Barf | [Source] | Binary Analysis and Reverse engineering Framework | Python | Free | False | |
| Binary Ninja | [Website] | Crossplatform binary analysis framework | Python | Paid | False | |
| binutils | [Website] | [Source] | GNU collection of binary tools | C | Free | False |
| binwalk | [Source] | Analyze, reverse engineer and extract firmware images (and other files, also usefull for Digital Forensics) | Python | Free | False | |
| boomerang | [Source] | x86 binaries to C decompiler | Cplusplus | Free | False | |
| ctf_import | [Website] | [Source] | Library to run basic functions from stripped binaries | C | Free | False |
| CFF Explorer | [Website] | PE Editor | Free | False | ||
| Cutter | [Source] | Qt and C++ GUI for radare2 | CPlusPlus | Free | False | |
| Defuse online disassembler | [Website] | Online x86 (32/64 bits) assembler and disassembler | Free | True | ||
| Droidefense | [Website] | [Source] | Android apps/malware analysis/reversing tool | Java | Free | False |
| Flare | [Website] | Processes SWF and extract scripts from it | Free | False | ||
| Flasm | [Website] | [Source] | Disassembler tool for SWF bytecode | Free | False | |
| Frida | [Website] | [Source] | Dynamic code instrumentation toolkit | C | Free | False |
| GDB | [Website] | [Source] | GNU debugger | Cplusplus | Free | False |
| Hiew | [Website] | x86_64 disassembler for multiple formats | Paid | False | ||
| Hopper | [Website] | Disassembler, decompiler and debugger | Paid | False | ||
| IDA Pro | [Website] | Disassembler and debugger | Paid | False | ||
| ILSpy | [Source] | .NET assembly browser and decompiler to C# | CSharp | Free | False | |
| ImmunityDbg | [Website] | Windows debugger with Python scripting support | Free | False | ||
| jadx | [Source] | DEX to Java decompiler | Java | Free | False | |
| Java Decompilers | [Website] | .JAR and .Class to Java decompiler | Free | True | ||
| JD-GUI | [Website] | GUI tool decompiling JAVA | Java | Free | False | |
| JEB | [Website] | Disassembler, decompiler and debugger | Paid | False | ||
| JPEXS Free Flash Decompiler | [Source] | A.k.a ffdec, flash SWF decompiler | Java | Free | False | |
| JSDetox | [Website] | [Source] | Javascript deobfustcator | Ruby | Free | False |
| Kemon | [Source] | macOS kernel pre and post callback-based framework | C | Free | False | |
| Krakatau | [Source] | Java decompiler, assembler, and disassembler | Java | Free | False | |
| ldd | [Website] | Tool that print shared library dependencies | Free | False | ||
| Metasm | [Website] | [Source] | Assembler, disassembler, compiler and debugger | Ruby | Free | False |
| Medusa | [Source] | Interactive multi-architecture and multi-formats disassembler running on Windows and Linux | Cplusplus | Free | False | |
| ODA | [Website] | Advanced multi-architecture online disassembler supporting a lot of architectures and object file formats | Free | True | ||
| OllyDbg | [Website] | Windows debugger | Free | False | ||
| PE Explorer Disassembler | [Website] | Windows disassembler | Paid | False | ||
| PE Insider | [Website] | PE viewer, closed source and windows only | Free | False | ||
| Plasma | [Source] | x86/ARM/MIPS interactive disassembler | Python | Free | False | |
| Qira | [Website] | [Source] | Timeless debugger (QIRA = QEMU Interactive Runtime Analyser) | C | Free | False |
| RABCDAsm | [Website] | [Source] | ActionScript disassembler | D | Free | False |
| radare2 | [Website] | [Source] | Crossplatform binary analysis framework, disassembler, decompiler and debugger, support collaborative analysis | C | Free | False |
| Relyze | [Website] | x86 and ARM graphical interactive disassembler with Ruby plugin framework | Paid | False | ||
| RetDec | [Website] | [Source] | Multi file formats and architectures machine-code decompiler | Cplusplus | Free | False |
| sandsifter | [Source] | x86 processor fuzzer | Python | Free | False | |
| Snowman | [Website] | [Source] | Native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures, exists as standalone app or as a plug-in | Cplusplus | Free | False |
| strace | [Source] | Debugger for Linux | Free | False | ||
| Swftools | [Website] | [Source] | Collection of utilities to work with SWF files | C | Free | False |
| Triton | [Website] | [Source] | Dynamic binary analysis framework, automate reverse engineering | Cplusplus | Free | False |
| UglifyJS2 | [Website] | [Source] | JavaScript obfuscator or beautifier toolkit | JavaScript | Free | False |
| uncompyle | [Source] | Python 2.7 binaries (.pyc) decompiler | Python | Free | False | |
| uncompyle6 | [Source] | Python 1.5, 2.1 to 2.7, 3.1 to 3.6 binaries (.pyc) decompiler | Python | Free | False | |
| Vais | [Source] | SWF vulnerability and information scanner | Ruby | Free | False | |
| WinDbg | [Website] | Windows debugger | Free | False | ||
| x64dbg | [Website] | [Source] | Windows debugger | Cplusplus | Free | False |
| XenoScan | [Source] | Processes memory scanner | Cplusplus | Free | False | |
| Xori | [Website] | [Source] | Disassembly and static analysis library that provides triage analysis data | Rust | Free | False |
| xxxswf | [Source] | Small script for carving, scanning, compressing, decompressing and analyzing SWF files | Python | Free | False |
Steganography
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Audacity | [Website] | [Source] | Tool to edit and analyze audio tracks | Free | False | |
| exif | [Source] | Shows EXIF information for JPEG files only | C | Free | False | |
| ExifTool | [Website] | [Source] | Library and CLI tool to read and write meta information (EXIF, GPS, IPTC, XMP, JFIF, …) in files (JPEG, PNG, SVG, MPEG, …) | Perl | Free | False |
| Exiv2 | [Website] | [Source] | Library and CLI tool to read and write meta information (Exif, IPTC & XMP metadata and ICC Profile) in images (JPEG, TIFF, PNG, …) | Cplusplus | Free | False |
| ImageMagick | [Website] | [Source] | Software suite and library to create, edit, compose, or convert images | C | Free | False |
| Outguess | Tool to hide messages in files (website down since 2004) | Free | False | |||
| PNGtools | [Website] | [Source] | Suite of tools to work with PNG images | C | Free | False |
| SHIT | [Source] | Stego Helper Identification Tool, multi-purpose image steganography tool | Python | Free | False | |
| SmartDeblur | [Source] | To to restore defocused and blurred images (update binary only for Windows, Mac OS binary out of date) | Cplusplus | Free | False | |
| Sonic Visualiser | [Website] | [Source] | Tool to edit and analyze audio tracks | Free | False | |
| Steganabara | [Source] | Steganography analysis tool | Java | Free | False | |
| Steghide | [Website] | [Source] | Tool to hide messages in images | Free | False | |
| StegoVeritas | [Source] | Automatic tool to bruteforce LSB, transform image, extract metadata or trailing data | Python | Free | False | |
| StegSolve | GUI tool to analyse images | Java | Free | False | ||
| zsteg | [Source] | Tool to detect hidden data in PNG and BMP | Ruby | Free | False |
System Exploitation
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bkhive | [Source] | Dump the syskey bootkey from a Windows NT/2K/XP system hive, often used with samdump2, part of the ophcrack project | Free | False | ||
| BloodHound | [Website] | [Source] | Tool to reveal the hidden and unintended relationships within an Active Directory environment | PowerShell | Free | False |
| CrackMapExec | [Source] | Post-exploitation tool to asses Active Directory networks | Python | Free | False | |
| creddump | [Source] | Dump windows credentials | Python | Free | False | |
| DLLInjector | [Source] | Dll injection tool | Cplusplus | Free | False | |
| DLLPasswordFilterImplant | [Source] | Password filter DLL, triggered on password change to exfiltrate credentials | C | Free | False | |
| Empire | [Website] | [Source] | PowerShell and Python post-exploitation agent | Shell | Free | False |
| Empire GUI | [Website] | [Source] | GUI for Empire framework | JavaScript | Free | False |
| FFM | [Source] | Freedom Fighting Mode (FFM), hacking harness, post-exploitation tool | Python | Free | False | |
| goddi | [Source] | Active Directory domain information dumper | Go | Free | False | |
| LaZagne | [Source] | Password retriever | Python | Free | False | |
| lynis | [Website] | [Source] | Security auditing and hardening tool, for UNIX-based systems | Shell | Free | False |
| Nishang | [Source] | Framework, collection of scripts and payloads in PowerShell for offensive security, penetration testing and red teaming | PowerShell | Free | False | |
| p0wnedShell | [Source] | PowerShell runspace post exploitation toolkit | CSharp | Free | False | |
| PowerSploit | [Source] | Powershell exploitation framework | Powershell | Free | False | |
| samdump2 | [Source] | Retrieves syskey and extract hashes from Windows 2k/NT/XP/Vista SAM, often used with bkhive, part of the ophcrack project | Free | False | ||
| SharpShooter | [Source] | Payload Generation Framework for C# source code | VB | Free | False | |
| ShellPop | [Source] | Tool to craft bind and reverse shells in several languages | Python | Free | False | |
| unicorn | [Source] | Tool for using a PowerShell downgrade attack and inject shellcode into memory | Python | Free | False |
Threat Intelligence
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Maltego | [Website] | Interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet (exists in Community Edition) | Paid | False | ||
| threatfeeds.io | [Website] | Open-source threat intelligence feeds; sharing malware URLs, IP reputation, bad IPs, etc. | Free | True |
Vulnerability Assessment
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| cvss-suite | [Source] | CVSS calculator library | Ruby | Free | False |
Web Application Exploitation
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Acunetix | [Website] | Web application security scanner | Paid | True | ||
| Arachni | [Website] | [Source] | Web application security scanner framework | Ruby | Free | False |
| AssassinGo | [Website] | [Source] | Web pentest framework for information gathering and vulnerability scanning | Go | Free | False |
| Astra | [Website] | [Source] | REST API penetration testing tool | Python | Free | False |
| Blazy | [Source] | Login page bruteforcer: CSRF, SQLi, Clickjacking, WAF detection | Python | Free | False | |
| Burp Suite | [Website] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests (a limited free version exists) | Java | Paid | False | |
| Charles | [Website] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Paid | False | |
| CloudFrunt | [Source] | Scanner to identify misconfigured CloudFront domains | Python | Free | False | |
| CMSeek | [Source] | CMS detection and exploitation suite; capable of detecting more than 130 CMS | Python | Free | False | |
| CMSmap | [Source] | WordPress, Joomla, Drupal, Moodle CMS security scanner | Python | Free | False | |
| CMSScan | [Source] | Wordpress, Drupal, Joomla, vBulletin CMS security scanner with dashboard | Python | Free | False | |
| commix | [Website] | [Source] | Web-based command injection tester | Python | Free | False |
| CSWSH | [Website] | Cross-Site WebSocket Hijacking Tester | Free | False | ||
| dirb | [Website] | [Source] | Web content scanner (dictionary based) | Free | False | |
| distributed-jwt-cracker | [Website] | [Source] | HS256 JWT token distributed brute force cracker | JavaScript | Free | False |
| DotDotPwn | [Website] | [Source] | Directory Traversal fuzzer | Perl | Free | False |
| dvcs-ripper | [Source] | Dump web accessible (distributed) version control systems (DVCS/VCS): SVN, GIT, Mercurial/hg, Bazaar/bzr, … | Perl | Free | False | |
| git-dump | [Source] | Dump the contents of a remote git repository without directory listing enabled | JavaScript | Free | False | |
| GitTools | [Source] | 3 tools: Finder (find websites with .git repository exposed), Dumper (dump exposed .git), Extractor (extract commits and their content from a broken repository) | Shell | Free | False | |
| Gobuster | [Source] | Directory, file and DNS busting tool | Go | Free | False | |
| Hackbar | [Website] | Firefox addon to manipulate HTTP requests (not compatible with Quantum) | Free | False | ||
| Hookbin | [Website] | [Source] | HTTP request collector and inspector | Java | Free | True |
| HUNT | [Source] | HUNT Suite is a collection of Burp Suite Pro/Free and OWASP ZAP extensions | Python | Free | True | |
| IronWASP | [Website] | [Source] | Web security/vulnerability scanner (native for Windows only) | C | Free | False |
| JWT cracker | [Source] | Multi-threaded JWT brute-force cracker | C | Free | False | |
| jwt-cracker | [Website] | [Source] | HS256 JWT token brute force cracker | JavaScript | Free | False |
| LFI Freak | [Source] | LFI scan and exploit tool | Python | Free | False | |
| LFI Suite | [Source] | Automatic LFI scanner and exploiter | Python | Free | False | |
| LightBulb | [Website] | [Source] | Framework for auditing web application firewalls and filters | Python | Free | False |
| Kadimus | [Source] | LFI, RFI, RCE scanner | C | Free | False | |
| Malzilla | [Website] | [Source] | Web oriented deobfuscating tool | Free | False | |
| Mockbin | [Website] | [Source] | HTTP request collector and inspector | JavaScript | Free | True |
| Netsparker | [Website] | Web application security scanner | Paid | True | ||
| nikto | [Website] | [Source] | Very light web security scanner | Perl | Free | False |
| NoSQLMap | [Source] | Automated NoSQL database enumeration and web application exploitation tool | Python | Free | False | |
| Nosql-Exploitation-Framework | [Source] | NoSQL scanning and exploitation framework | Python | Free | False | |
| OWASP JoomScan | [Source] | Joomla vulnerability scanner | Perl | Free | False | |
| OWASP Juice Shop CTF | [Website] | [Source] | Insecure webapp for security trainings | JavaScript | Free | False |
| OWASP ZAP | [Website] | [Source] | OWASP Zed Attack Proxy, intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Free | False |
| Panoptic | [Website] | [Source] | Automatic LFI and Path Traversal exploitation tool | Python | Free | False |
| Paros | [Source] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Free | False | |
| PHPGGC | [Source] | PHP Generic Gadget Chains, library of unserialize() payloads along with a tool to generate them, supporting various PHP frameworks | PHP | Free | False | |
| PowerUpSQL | [Source] | Toolkit for attacking MS SQL Server, discovery, configuration auditing, privilege escalation, post exploitation | Powershell | Free | False | |
| RequestBin | [Website] | [Source] | HTTP request collector and inspector | Python | Free | True |
| Simple Local File Inclusion Exploiter | [Website] | [Source] | LFI exploit tool | Python | Free | False |
| Sitadel | [Source] | Web application security scanner, rewrite and newer version of WAScan | Python | Free | False | |
| SleuthQL | [Source] | Tool that parses Burp history to discover potential SQL injection points and prepare SQLmap request files | Python | Free | False | |
| snallygaster | [Source] | Web scanner that looks for files accessible on web servers that shouldn't be public | Python | Free | False | |
| sqlmap | [Website] | [Source] | Automatic SQL injection tool | Python | Free | False |
| SQLiv | [Source] | SQL injection scanner, find vulnerable entry points | Python | Free | False | |
| testssl.sh | [Website] | [Source] | TLS/SSL scanner to find weak cipherss, protocols or flaws | Shell | Free | False |
| TIDoS Framework | [Source] | Comprehensive web-app audit framework | Python | Free | False | |
| Tracy | [Source] | Tool that help to manually find XSS | Go | Free | False | |
| Uniscan | [Source] | RFI, LFi and RCE scanner | Perl | Free | False | |
| V3n0M | [Source] | Web dork and vulnerability scanner | Python | Free | False | |
| Vega | [Website] | [Source] | Multi-platform web scanner and intercepting proxy | Java | Free | False |
| VOOKI | [Website] | Windows only web application and REST API vulnerability scanner | Free | False | ||
| w3af | [Website] | [Source] | Web application attack and audit framework, web-oriented security scanner | Python | Free | False |
| wapiti | [Website] | [Source] | Web-oriented vulnerability scanner, can generates reports | Free | False | |
| WAScan | [Source] | Web application security scanner | Python | Free | False | |
| Webhook Tester | [Website] | [Source] | HTTP request collector and inspector | PHP | Free | True |
| Weevely | [Source] | Web shell for post-exploitation working with a PHP agent | Python | Free | False | |
| Wfuzz | [Website] | [Source] | Web application fuzzer framework | Python | Free | False |
| What CMS | [Website] | Service able to detect more than 430 CMS, find version used for some CMS, has an API for batch detection | Free | True | ||
| wikto | [Source] | Nikto for Windows; web security scanner | CSharp | Free | False | |
| WS-Attacker | [Source] | Modular framework for SOAP web services penetration testing | Java | Free | False | |
| WSFuzzer | [Website] | [Source] | Fuzzing penetration testing tool for testing HTTP SOAP based web services | Python | Free | False |
| WSSAT | [Website] | [Source] | Web Service Security Assessment Tool; WS, REST API, SOAP API dynamic scanner | CSharp | Free | False |
| XAttacker | [Source] | CMS detection and exploitation suite | Perl | Free | False | |
| Xenotix | [Website] | [Source] | XSS detection and exploit framework (Windows only) | Python | Free | False |
| XSS'OR | [Website] | [Source] | Multi-purpose tool for XSS or JavaScript analysis | JavaScript | Free | True |
| XSS'OR 2 | [Website] | [Source] | Multi-purpose tool for XSS or JavaScript analysis | JavaScript | Free | True |
| XSSer | [Website] | [Source] | XSS automatic scanner and exploiter | Python | Free | False |
| XSStrike | [Source] | XSS detection tool, parser, payload generator, fuzzing engine, crawler | Python | Free | False |
Wireless
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Aircrack-Ng | [Website] | [Source] | Suite of tools to assess WiFi network security (cracking WEP and WPA PSK) | C | Free | False |
| BtleJack | [Source] | Bluetooth Low Energy Swiss-army knife | Python | Free | False | |
| Crunch-Cracker | [Source] | Wordlist generator and Wi-Fi cracker | Shell | Free | False | |
| Fluxion | [Website] | [Source] | MITM WPA attack tool | Shell | Free | False |
| FruityWiFi | [Source] | Wireless network auditing tool controlled by a web interface | PHP | Free | False | |
| Hijacker | [Source] | Android GUI for Aircrack, Airodump, Aireplay, MDK3 and Reaver | Java | Free | False | |
| Infernal-Wireless | [Source] | Automated wireless hacking tool | Python | Free | False | |
| MDK3-master | [Source] | PoC tool to exploit common IEEE 802.11 protocol weaknesses | C | Free | False | |
| MDK4 | [Source] | PoC tool to exploit common IEEE 802.11 protocol weaknesses | C | Free | False | |
| Modmobjam | [Source] | Cellular networks jamming PoC for mobile equipments | Python | Free | False | |
| Modmobmap | [Source] | Tool to retrieve information of cellular networks | Python | Free | False | |
| reaver-wps | [Source] | Bruteforce WPS tool | C | Free | False | |
| reaver-wps (t6x fork) | [Source] | Bruteforce WPS tool | C | Free | False | |
| trackerjacker | [Source] | Tool for mapping and tacking wifi networks and devices through raw 802.11 monitoring | Python | Free | False | |
| Wifi-Biter | [Source] | Dictionary generator used to generate dictionaries/wordlist for Wireless Router Passwords | Python | Free | False | |
| wifijammer | [Source] | Script to jam wifi clients and access points | Python | Free | False | |
| wifite2 | [Source] | Script for auditing wireless networks that runs existing wireless-auditing tools | Python | Free | False |