| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| ASLRay | [Source] | Tool for ASLR bypass with stack-spraying | Shell | Free | False | |
| libformatstr | [Source] | Library to simplify format string exploitation | Python | Free | False | |
| PEDA | [Source] | Python Exploit Development Assistance, GDB plugin (only python2.7) | Python | Free | False | |
| pwntools | [Source] | Framework and exploit development library | Python | Free | False | |
| ROPgadget | [Website] | [Source] | Framework for ROP exploitation | Python | Free | False |
Tools
Note: Paid softwares may exist in a free limited version or a demo version
Binary Exploitation
Bug Bounty
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bountyplz | [Source] | Automated bug bounty reporting/submission, supports HackerOne and Bugcrowd | Shell | Free | False |
Code Analysis
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| AndroBugs Framework | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| MobSF | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| NodeJsScan | [Source] | Static security code scanner for Node.js applications | Python | Free | False | |
| QARK | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| StaCoAn | [Source] | Mobile applications static code analysis tool | Python | Free | False | |
| SUPER | [Website] | [Source] | Android APK vulnerability analyzer | Rust | Free | False |
Collaboration and Report
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| DART | [Source] | Documentation And Reporting Tool; Collaborative penetration test and vulnerability management platform | Python | Free | False | |
| Dradis | [Website] | [Source] | Collaborative penetration test and vulnerability management platform | Ruby | Paid | False |
| Faraday | [Website] | [Source] | Collaborative penetration test and vulnerability management platform | Python | Paid | False |
| Kvasir | [Source] | Pentest data management tool | Python | Free | False | |
| Lair | [Website] | [Source] | Collaborative penetration test and vulnerability management platform | JavaScript | Free | False |
| OWASP PenText | [Website] | [Source] | Collection of XML templates, XML schemas and XSLT code, to generate IT security documents including test reports, offers and invoices | Free | False | |
| Prithvi | [Website] | [Source] | Report generation tool for pentester with provided OWASP data | JavaScript | Free | False |
| Serpico | [Source] | SimplE RePort wrIting and CollaboratiOn tool, penetration testing report generation and collaboration tool | Ruby | Free | False | |
| Sh00t | [Source] | Pentesting platform with dynamic task manager, checklists, bug template & bug report | Python | Free | False | |
| Vulnreport | [Website] | [Source] | Pentesting management and automation platform | Ruby | Free | False |
| MISP | [Website] | [Source] | Malware Information Sharing Platform, an Open Source threat intelligence plateform and open standards for threat information sharing | PHP | Free | False |
Configuration audit
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Nipper Studio | [Website] | Tool that parse router, switch, firewall configuration to discover vulnerabilities | Paid | False | ||
| Nipper-ng | [Source] | Tool that parse router, switch, firewall configuration to discover vulnerabilities | Cplusplus | Free | False |
Cracking
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Cracklord | [Website] | [Source] | Scalable, pluggable, and distributed system for password cracking | Go | Free | False |
| GoCrack | [Source] | Management frontend for password cracking tools, supporting hashcat | Go | Free | False | |
| Hashcat | [Website] | [Source] | Password cracking tool | C | Free | False |
| Hashtopolis | [Source] | Hashcat wrapper for distributed hashcracking | PHP | Free | False | |
| Hashview | [Website] | [Source] | Web-UI for managing, organizing, automating hashcat commands/tasks | Ruby | Free | False |
| Hydra | [Website] | [Source] | Network login cracker | C | Free | False |
| John The Ripper | [Website] | Password cracking tool | C | Free | False | |
| John the Ripper, Jumbo version | [Website] | [Source] | Password cracking tool, community-enhanced version of John The Ripper | C | Free | False |
| Medusa | [Website] | Network login cracker | Free | False | ||
| Medusa-gui | [Source] | GUI for Medusa | Java | Free | False | |
| Ncrack | [Website] | [Source] | Network login cracker | Cplusplus | Free | False |
| Nozzlr | [Source] | Bruteforce framework | Python | Free | False | |
| Ophcrack | [Website] | [Source] | Windows password cracker based on rainbow tables | Free | False | |
| Patator | [Source] | Multi-protocol bruteforce tool | Python | Free | False |
Cryptography
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| crypto-identifier | [Source] | Tool that try to identify what cipher is used and uncipher the data | Python | Free | False | |
| Crypton | [Source] | Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Hashing Algorithms along with example challenges from CTFs | Python | Free | False | |
| Dcode | [Website] | Code and decode all kind of checksums, algorithms, codes or ciphers | Free | True | ||
| FeatherDuster | [Source] | Cryptanalysis tool and library | Python | Free | False | |
| PkCrack | [Website] | Tool for breaking PkZip encryption | Free | False | ||
| RsaCtfTool | [Source] | Tool to conduct manual or automated attack on RSA | Python | Free | False | |
| RSATool | [Source] | Tool to calculate RSA parameters | Python | Free | False | |
| RSHack | [Source] | RSA attack and key manipulation tool | Free | False | ||
| XORTool | [Source] | Tool to analyze multi-byte xor cipher | Python | Free | False |
Digital Forensics
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Cerbero Profiler | [Website] | File analyzer and inspector | Paid | False | ||
| dnscat2 | [Source] | Encrypted command-and-control (C&C) channel over the DNS protocol, data exfiltration | Cplusplus | Free | False | |
| ExifTool | [Website] | [Source] | Library and CLI tool for reading, writing and editing metadata for a lot of file types | Perl | Free | False |
| extundelete | [Website] | [Source] | Tool to recover deleted files from an ext3 or ext4 partition | Free | False | |
| Fibratus | [Source] | Tool for exploration and tracing of the Windows kernel | Python | Free | False | |
| Foremost | [Website] | [Source] | CLI tool to recover files based on their headers, footers, and internal data structures | Free | False | |
| rekall | [Website] | [Source] | Volatile memory extraction utility | Python | Free | False |
| ResourcesExtract | [Website] | Scans dll/ocx/exe files and extract all resources found, Windows only | Free | False | ||
| shellbags | [Source] | Shellbag parser (Windows Registry Keys) | Python | Free | False | |
| volatility | [Website] | [Source] | Volatile memory extraction utility | Python | Free | False |
Intentionally Vulnerable Applications
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bWAPP | [Website] | [Source] | Buggy Web Application, insecure webapp for security trainings | PHP | Free | False |
| DVIA | [Website] | [Source] | Damn Vulnerable iOS App, insecure webapp for mobile security trainings | Swift | Free | False |
| DVWA | [Website] | [Source] | Damn Vulnerable Web Application, insecure webapp for security trainings | PHP | Free | False |
| Google Gruyere | [Website] | [Source] | Codelab for white-box and black-box hacking | Python | Free | True |
| Hackazon | [Source] | Intentionally vulnerable web shopping application using modern technologies and containing configurable areas | PHP | Free | False | |
| OWASP Mutillidae II | [Website] | [Source] | Intentionally vulnerable web-application containing some OWASP Top Ten vulnerabilities, with hints and switch for secure version of the code | PHP | Free | False |
| OWASP WebGoat | [Website] | [Source] | Deliberately insecure web application to teach web application security lessons | Java | Free | False |
| XVNA | [Source] | Extreme Vulnerable Node Application, insecure webapp for security trainings | JavaScript | Free | False |
Networking
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bettercap | [Website] | [Source] | MITM framework | Ruby | Free | False |
| CapAnalysis | [Website] | [Source] | PCAP analyzer | C | Free | True |
| chisel | [Source] | Fast TCP tunneling over HTTP secured by SSH | Go | Free | False | |
| CloudShark | [Website] | PCAP analyzer | Paid | True | ||
| Garfield | [Source] | Attack framework for distributed systems | Python | Free | False | |
| Masscan | [Source] | Port scanner for massive networks | C | Free | False | |
| nemesis | [Website] | [Source] | Packet manipulation CLI tool; craft and inject packets of several protocols | Python | Free | False |
| Netfort Free Cloud Based PCAP Analysis | [Website] | PCAP analyzer; needs registration | Free | True | ||
| NetworkMiner | [Website] | Network sniffer/packet capturing tool | Free | False | ||
| NetworkTotal | [Website] | PCAP analyzer; using Suricata | Free | True | ||
| Nipe | [Source] | Script to make TOR as default gateway | Perl | Free | False | |
| Nmap | [Website] | [Source] | Tool for network discovery and security auditing | C | Free | False |
| NMapGUI | [Source] | Advanced GUI for Nmap | Java | Free | False | |
| PacketFu | [Source] | Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols | Ruby | Free | False | |
| PacketTotal | [Website] | PCAP analyzer; using Bro, Suricata and Elasticsearch | Free | True | ||
| PacketWhisper | [Source] | Stealthy Data exfiltration via DNS, without the need for attacker-controlled Name Servers or domain | Python | Free | False | |
| polarbearscan | [Website] | [Source] | Port scanner and banner grabber | C | Free | False |
| Polymorph | [Source] | Real-time network packet manipulation framework | Python | Free | False | |
| Responder | [Source] | LLMNR, NBT-NS and MDNS poisoner to intercept authentication requests/answers | Python | Free | False | |
| Scapy | [Website] | [Source] | Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols | Python | Free | False |
| Seth | [Source] | RDP MitM tool | Python | Free | False | |
| Singularity | [Website] | [Source] | DNS rebinding attack framework | Go | Free | False |
| ssh-audit | [Source] | SSH scanner that detects protocol, version, grab banner, recognize software and operating system, output algorithm information and recommendations | Python | Free | False | |
| Whonow | [Source] | DNS Server for executing DNS Rebinding attacks | JavaScript | Free | False | |
| Wireshark | [Website] | [Source] | Network protocol analyzer | Cplusplus | Free | False |
| yersinia | [Source] | Framework for layer 2 attacks | C | Free | False | |
| Zenmap | [Website] | [Source] | GUI for Nmap | Python | Free | False |
| Zmap | [Website] | [Source] | Collection of tools to scan and study massive networks | C | Free | False |
OSINT and Reconnaissance
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Amass | [Source] | Tool for subdomain enumeration | Go | Free | False | |
| badKarma | [Source] | Advanced network reconnaissance tool | Python | Free | False | |
| Belati | [Source] | OSINT tool, collect data and document actively or passively | Python | Free | False | |
| datasploit | [Website] | [Source] | OSINT framework, find, aggregate and export data | Python | Free | False |
| EagleEye | [Source] | OSINT tool, image recognition on instagram, facebook and twitter | Python | Free | False | |
| eTools.ch | [Website] | Metasearch engine, query 16 search engines in parallel | Free | True | ||
| Facebook_OSINT_Dump | [Source] | OSINT tool, facebook profile dumper, windows and chrome only | Shell | Free | False | |
| FOCA | [Website] | [Source] | OSINT framework and metadata analyser | Csharp | Free | False |
| gOSINT | [Source] | OSINT framework; find mails, dumps, retrieve Telegram history and info about hosts | Go | Free | False | |
| Harpoon | [Source] | CLI tool; collect data and document actively or passively | Python | Free | False | |
| Kostebek | [Source] | Tool to find firms domains by searching their trademark information | Python | Free | False | |
| leakScraper | [Source] | Set of tools to process and visualize huge text files containing credentials | Python | Free | False | |
| LinEnum | [Source] | System script for local Linux enumeration and privilege escalation checks | Shell | Free | False | |
| ODIN | [Source] | Observe, Detect, and Investigate Networks, Automated reconnaissance tool | Python | Free | False | |
| Omnibus | [Source] | OSINT framework; collection of tools | Python | Free | False | |
| OSINT Framework | [Website] | [Source] | A web-based collection of tools and resources for OSINT | Javascript | Free | True |
| Photon | [Source] | Fast crawler designed for OSINT | Python | Free | False | |
| PITT | [Source] | Web browser loaded with links and extensions for doing OSINT | Free | False | ||
| ReconDog | [Source] | Multi-purpose reconnaissance tool, CMS detection, reverse IP lookup, port scan, etc. | Python | Free | False | |
| Reconnoitre | [Source] | Tool made to automate information gathering and service enumeration while storing results | Python | Free | False | |
| Red Team Arsenal | [Source] | Automated reconnaissance scanner and security checks | Python | Free | False | |
| Sandmap | [Website] | [Source] | Network and system reconnaissance scanner using Nmap | Shell | Free | False |
| Sn1per | [Source] | Automated reconnaissance scanner | Shell | Free | False | |
| spiderfoot | [Website] | [Source] | OSINT framework, collect and manage data, scan target | Python | Free | False |
| Sublist3r | [Source] | Subdomains enumeration tool | Python | Free | False |
Other
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Firefox Monitor | [Website] | Service to check if an account has been compromised in a data breach | Free | True | ||
| Have i been pwned? | [Website] | Service to check if an account has been compromised in a data breach | Free | True | ||
| hideNsneak | [Source] | CLI tool for ephemeral penetration testing, rapidly deploy and manage various cloud services | Go | Free | False | |
| inlite | [Website] | Scan QR-code, 1D, DataMatrix, Postal, PDF417, and more | Free | True | ||
| Metasploit | [Website] | [Source] | Tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit, 4 versions: Pro (paid), Express (paid), Community (free with GUI but on request), Framework (free, open source, CLI) | Ruby | Paid | False |
| PentestBox | [Website] | [Source] | Pre-configured portable penetration testing environment for Windows, all-in-one box | Free | False | |
| PWDQUERY | [Website] | Service to check if an account has been compromised in a data breach | Free | True | ||
| Scrounger | [Source] | Mobile application testing toolkit, the mobile metasploit-like framework | Python | Free | False | |
| v0lt | [Source] | CTF toolkit / framework | Python | Free | False | |
| webqr | [Website] | Scan & create QR-code | Free | True | ||
| ysoserial | [Source] | Tool for generating payloads that exploit unsafe Java object deserialization | Java | Free | False |
Reverse Engineering
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| androguard | [Source] | Tool for reverse engineering and malware analysis of Android applications | Python | Free | False | |
| angr | [Source] | Platform-agnostic binary analysis framework | Python | Free | False | |
| ANY RUN | [Website] | Online virtual machine for malware hunting, sandbox with interactive access, real-time data-flow | Free | Online | ||
| Apk2Gold | [Source] | Android decompiler (wrapper for apktool, dex2jar, and jd-gui) | Shell | Free | False | |
| Apktool | [Website] | [Source] | Android disassembler and rebuilder | Java | Free | False |
| arm_now | [Source] | Tool that allows instant setup of virtual machines on various architectures for reverse, exploit, fuzzing and programming purpose | Python | Free | False | |
| Barf | [Source] | Binary Analysis and Reverse engineering Framework | Python | Free | False | |
| Binary Ninja | [Website] | Crossplatform binary analysis framework | Python | Paid | False | |
| binutils | [Website] | [Source] | GNU collection of binary tools | C | Free | False |
| binwalk | [Source] | Analyze, reverse engineer and extract firmware images (and other files, also usefull for Digital Forensics) | Python | Free | False | |
| boomerang | [Source] | x86 binaries to C decompiler | Cplusplus | Free | False | |
| ctf_import | [Website] | [Source] | Library to run basic functions from stripped binaries | C | Free | False |
| CFF Explorer | [Website] | PE Editor | Free | False | ||
| Cutter | [Source] | Qt and C++ GUI for radare2 | CPlusPlus | Free | False | |
| Defuse online disassembler | [Website] | Online x86 (32/64 bits) assembler and disassembler | Free | True | ||
| Droidefense | [Website] | [Source] | Android apps/malware analysis/reversing tool | Java | Free | False |
| Flare | [Website] | Processes SWF and extract scripts from it | Free | False | ||
| Flasm | [Website] | [Source] | Disassembler tool for SWF bytecode | Free | False | |
| Frida | [Website] | [Source] | Dynamic code instrumentation toolkit | C | Free | False |
| GDB | [Website] | [Source] | GNU debugger | Cplusplus | Free | False |
| GEF | [Source] | GDB Enhanced Features, multi-architecture GDB plugin | Python | Free | False | |
| Hiew | [Website] | x86_64 disassembler for multiple formats | Paid | False | ||
| Hopper | [Website] | Disassembler, decompiler and debugger | Paid | False | ||
| IDA Pro | [Website] | Disassembler and debugger | Paid | False | ||
| ILSpy | [Source] | .NET assembly browser and decompiler to C# | CSharp | Free | False | |
| ImmunityDbg | [Website] | Windows debugger with Python scripting support | Free | False | ||
| jadx | [Source] | DEX to Java decompiler | Java | Free | False | |
| Java Decompilers | [Website] | .JAR and .Class to Java decompiler | Free | True | ||
| JD-GUI | [Website] | GUI tool decompiling JAVA | Java | Free | False | |
| JEB | [Website] | Disassembler, decompiler and debugger | Paid | False | ||
| JPEXS Free Flash Decompiler | [Source] | A.k.a ffdec, flash SWF decompiler | Java | Free | False | |
| JSDetox | [Website] | [Source] | Javascript deobfustcator | Ruby | Free | False |
| Kemon | [Source] | macOS kernel pre and post callback-based framework | C | Free | False | |
| Krakatau | [Source] | Java decompiler, assembler, and disassembler | Java | Free | False | |
| ldd | [Website] | Tool that print shared library dependencies | Free | False | ||
| Metasm | [Website] | [Source] | Assembler, disassembler, compiler and debugger | Ruby | Free | False |
| Medusa | [Source] | Interactive multi-architecture and multi-formats disassembler running on Windows and Linux | Cplusplus | Free | False | |
| ODA | [Website] | Advanced multi-architecture online disassembler supporting a lot of architectures and object file formats | Free | True | ||
| OllyDbg | [Website] | Windows debugger | Free | False | ||
| PE Explorer Disassembler | [Website] | Windows disassembler | Paid | False | ||
| PE Insider | [Website] | PE viewer, closed source and windows only | Free | False | ||
| Plasma | [Source] | x86/ARM/MIPS interactive disassembler | Python | Free | False | |
| Pwndbg | [Source] | enhance GDB, GDB plugin | Python | Free | False | |
| Qira | [Website] | [Source] | Timeless debugger (QIRA = QEMU Interactive Runtime Analyser) | C | Free | False |
| RABCDAsm | [Website] | [Source] | ActionScript disassembler | D | Free | False |
| radare2 | [Website] | [Source] | Crossplatform binary analysis framework, disassembler, decompiler and debugger, support collaborative analysis | C | Free | False |
| Relyze | [Website] | x86 and ARM graphical interactive disassembler with Ruby plugin framework | Paid | False | ||
| RetDec | [Website] | [Source] | Multi file formats and architectures machine-code decompiler | Cplusplus | Free | False |
| sandsifter | [Source] | x86 processor fuzzer | Python | Free | False | |
| Snowman | [Website] | [Source] | Native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures, exists as standalone app or as a plug-in | Cplusplus | Free | False |
| strace | [Source] | Debugger for Linux | Free | False | ||
| Swftools | [Website] | [Source] | Collection of utilities to work with SWF files | C | Free | False |
| Triton | [Website] | [Source] | Dynamic binary analysis framework, automate reverse engineering | Cplusplus | Free | False |
| UglifyJS2 | [Website] | [Source] | JavaScript obfuscator or beautifier toolkit | JavaScript | Free | False |
| uncompyle | [Source] | Python 2.7 binaries (.pyc) decompiler | Python | Free | False | |
| uncompyle6 | [Source] | Python 1.5, 2.1 to 2.7, 3.1 to 3.6 binaries (.pyc) decompiler | Python | Free | False | |
| Vais | [Source] | SWF vulnerability and information scanner | Ruby | Free | False | |
| WinDbg | [Website] | Windows debugger | Free | False | ||
| x64dbg | [Website] | [Source] | Windows debugger | Cplusplus | Free | False |
| XenoScan | [Source] | Processes memory scanner | Cplusplus | Free | False | |
| Xori | [Website] | [Source] | Disassembly and static analysis library that provides triage analysis data | Rust | Free | False |
| xxxswf | [Source] | Small script for carving, scanning, compressing, decompressing and analyzing SWF files | Python | Free | False |
Steganography
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Audacity | [Website] | [Source] | Tool to edit and analyze audio tracks | Free | False | |
| exif | [Source] | Shows EXIF information for JPEG files only | C | Free | False | |
| ExifTool | [Website] | [Source] | Library and CLI tool to read and write meta information (EXIF, GPS, IPTC, XMP, JFIF, …) in files (JPEG, PNG, SVG, MPEG, …) | Perl | Free | False |
| Exiv2 | [Website] | [Source] | Library and CLI tool to read and write meta information (Exif, IPTC & XMP metadata and ICC Profile) in images (JPEG, TIFF, PNG, …) | Cplusplus | Free | False |
| ImageMagick | [Website] | [Source] | Software suite and library to create, edit, compose, or convert images | C | Free | False |
| Outguess | Tool to hide messages in files (website down since 2004) | Free | False | |||
| PNGtools | [Website] | [Source] | Suite of tools to work with PNG images | C | Free | False |
| SHIT | [Source] | Stego Helper Identification Tool, multi-purpose image steganography tool | Python | Free | False | |
| SmartDeblur | [Source] | To to restore defocused and blurred images (update binary only for Windows, Mac OS binary out of date) | Cplusplus | Free | False | |
| Sonic Visualiser | [Website] | [Source] | Tool to edit and analyze audio tracks | Free | False | |
| Steganabara | [Source] | Steganography analysis tool | Java | Free | False | |
| Steghide | [Website] | [Source] | Tool to hide messages in images | Free | False | |
| StegoVeritas | [Source] | Automatic tool to bruteforce LSB, transform image, extract metadata or trailing data | Python | Free | False | |
| StegSolve | GUI tool to analyse images | Java | Free | False | ||
| zsteg | [Source] | Tool to detect hidden data in PNG and BMP | Ruby | Free | False |
System Exploitation
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bkhive | [Source] | Dump the syskey bootkey from a Windows NT/2K/XP system hive, often used with samdump2, part of the ophcrack project | Free | False | ||
| BloodHound | [Website] | [Source] | Tool to reveal the hidden and unintended relationships within an Active Directory environment | PowerShell | Free | False |
| CrackMapExec | [Source] | Post-exploitation tool to asses Active Directory networks | Python | Free | False | |
| creddump | [Source] | Dump windows credentials | Python | Free | False | |
| DLLInjector | [Source] | Dll injection tool | Cplusplus | Free | False | |
| DLLPasswordFilterImplant | [Source] | Password filter DLL, triggered on password change to exfiltrate credentials | C | Free | False | |
| Empire | [Website] | [Source] | PowerShell and Python post-exploitation agent | Shell | Free | False |
| Empire GUI | [Website] | [Source] | GUI for Empire framework | JavaScript | Free | False |
| FFM | [Source] | Freedom Fighting Mode (FFM), hacking harness, post-exploitation tool | Python | Free | False | |
| goddi | [Source] | Active Directory domain information dumper | Go | Free | False | |
| LaZagne | [Source] | Password retriever | Python | Free | False | |
| lynis | [Website] | [Source] | Security auditing and hardening tool, for UNIX-based systems | Shell | Free | False |
| Nishang | [Source] | Framework, collection of scripts and payloads in PowerShell for offensive security, penetration testing and red teaming | PowerShell | Free | False | |
| p0wnedShell | [Source] | PowerShell runspace post exploitation toolkit | CSharp | Free | False | |
| PowerSploit | [Source] | Powershell exploitation framework | Powershell | Free | False | |
| samdump2 | [Source] | Retrieves syskey and extract hashes from Windows 2k/NT/XP/Vista SAM, often used with bkhive, part of the ophcrack project | Free | False | ||
| SharpShooter | [Source] | Payload Generation Framework for C# source code | VB | Free | False | |
| ShellPop | [Source] | Tool to craft bind and reverse shells in several languages | Python | Free | False | |
| unicorn | [Source] | Tool for using a PowerShell downgrade attack and inject shellcode into memory | Python | Free | False |
Vulnerability Assessment
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| cvss-suite | [Source] | CVSS calculator library | Ruby | Free | False |
Web Application Exploitation
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Acunetix | [Website] | Web application security scanner | Paid | True | ||
| Arachni | [Website] | [Source] | Web application security scanner framework | Ruby | Free | False |
| AssassinGo | [Website] | [Source] | Web pentest framework for information gathering and vulnerability scanning | Go | Free | False |
| Astra | [Website] | [Source] | REST API penetration testing tool | Python | Free | False |
| Burp Suite | [Website] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests (a limited free version exists) | Java | Paid | False | |
| Charles | [Website] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Paid | False | |
| CloudFrunt | [Source] | Scanner to identify misconfigured CloudFront domains | Python | Free | False | |
| CMSeek | [Source] | CMS detection and exploitation suite; capable of detecting more than 130 CMS | Python | Free | False | |
| CMSmap | [Source] | WordPress, Joomla, Drupal, Moodle security scanner | Python | Free | False | |
| CMSScan | [Source] | Wordpress, Drupal, Joomla, vBulletin security scanner with dashboard | Python | Free | False | |
| commix | [Website] | [Source] | Web-based command injection tester | Python | Free | False |
| CSWSH | [Website] | Cross-Site WebSocket Hijacking Tester | Free | False | ||
| dirb | [Website] | [Source] | Web content scanner (dictionary based) | Free | False | |
| distributed-jwt-cracker | [Website] | [Source] | HS256 JWT token distributed brute force cracker | JavaScript | Free | False |
| DotDotPwn | [Website] | [Source] | Directory Traversal fuzzer | Perl | Free | False |
| dvcs-ripper | [Source] | Dump web accessible (distributed) version control systems (DVCS/VCS): SVN, GIT, Mercurial/hg, Bazaar/bzr, … | Perl | Free | False | |
| git-dump | [Source] | Dump the contents of a remote git repository without directory listing enabled | JavaScript | Free | False | |
| GitTools | [Source] | 3 tools: Finder (find websites with .git repository exposed), Dumper (dump exposed .git), Extractor (extract commits and their content from a broken repository) | Shell | Free | False | |
| Hackbar | [Website] | Firefox addon to manipulate HTTP requests (not compatible with Quantum) | Free | False | ||
| Hookbin | [Website] | [Source] | HTTP request collector and inspector | Java | Free | True |
| HUNT | [Source] | HUNT Suite is a collection of Burp Suite Pro/Free and OWASP ZAP extensions | Python | Free | True | |
| IronWASP | [Website] | [Source] | Web security/vulnerability scanner (native for Windows only) | C | Free | False |
| JWT cracker | [Source] | Multi-threaded JWT brute-force cracker | C | Free | False | |
| jwt-cracker | [Website] | [Source] | HS256 JWT token brute force cracker | JavaScript | Free | False |
| LFI Freak | [Source] | LFI scan and exploit tool | Python | Free | False | |
| LFI Suite | [Source] | Automatic LFI scanner and exploiter | Python | Free | False | |
| LightBulb | [Website] | [Source] | Framework for auditing web application firewalls and filters | Python | Free | False |
| Kadimus | [Source] | LFI, RFI, RCE scanner | C | Free | False | |
| Malzilla | [Website] | [Source] | Web oriented deobfuscating tool | Free | False | |
| Mockbin | [Website] | [Source] | HTTP request collector and inspector | JavaScript | Free | True |
| Netsparker | [Website] | Web application security scanner | Paid | True | ||
| nikto | [Website] | [Source] | Web security scanner | Perl | Free | False |
| Nosql-Exploitation-Framework | [Source] | NoSQL scanning and exploitation framework | Python | Free | False | |
| OWASP JoomScan | [Source] | Joomla vulnerability scanner | Perl | Free | False | |
| OWASP Juice Shop CTF | [Website] | [Source] | Insecure webapp for security trainings | JavaScript | Free | False |
| OWASP ZAP | [Website] | [Source] | OWASP Zed Attack Proxy, intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Free | False |
| Panoptic | [Website] | [Source] | Automatic LFI and Path Traversal exploitation tool | Python | Free | False |
| Paros | [Source] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Free | False | |
| PHPGGC | [Source] | PHP Generic Gadget Chains, library of unserialize() payloads along with a tool to generate them, supporting various PHP frameworks | PHP | Free | False | |
| PowerUpSQL | [Source] | Toolkit for attacking MS SQL Server, discovery, configuration auditing, privilege escalation, post exploitation | Powershell | Free | False | |
| RequestBin | [Website] | [Source] | HTTP request collector and inspector | Python | Free | True |
| Simple Local File Inclusion Exploiter | [Website] | [Source] | LFI exploit tool | Python | Free | False |
| SleuthQL | [Source] | Tool that parses Burp history to discover potential SQL injection points and prepare SQLmap request files | Python | Free | False | |
| snallygaster | [Source] | Web scanner that looks for files accessible on web servers that shouldn't be public | Python | Free | False | |
| sqlmap | [Website] | [Source] | Automatic SQL injection tool | Python | Free | False |
| SQLiv | [Source] | SQL injection scanner, find vulnerable entry points | Python | Free | False | |
| TIDoS Framework | [Source] | Comprehensive web-app audit framework | Python | Free | False | |
| Tracy | [Source] | Tool that help to manually find XSS | Go | Free | False | |
| Uniscan | [Source] | RFI, LFi and RCE scanner | Perl | Free | False | |
| V3n0M | [Source] | Web dork and vulnerability scanner | Python | Free | False | |
| Vega | [Website] | [Source] | Multi-platform web scanner and intercepting proxy | Java | Free | False |
| w3af | [Website] | [Source] | Web application attack and audit framework, web-oriented security scanner | Python | Free | False |
| wapiti | [Website] | [Source] | Web-oriented vulnerability scanner, can generates reports | Free | False | |
| WAScan | [Source] | Web application security scanner | Python | Free | False | |
| Webhook Tester | [Website] | [Source] | HTTP request collector and inspector | PHP | Free | True |
| Weevely | [Source] | Web shell for post-exploitation working with a PHP agent | Python | Free | False | |
| Wfuzz | [Website] | [Source] | Web application fuzzer framework | Python | Free | False |
| What CMS | [Website] | Service able to detect more than 430 CMS, find version used for some CMS, has an API for batch detection | Free | True | ||
| wikto | [Source] | Nikto for Windows; web security scanner | CSharp | Free | False | |
| WSSAT | [Website] | [Source] | Web Service Security Assessment Tool; WS, REST API, SOAP API dynamic scanner | CSharp | Free | False |
| XAttacker | [Source] | CMS detection and exploitation suite | Perl | Free | False | |
| Xenotix | [Website] | [Source] | XSS detection and exploit framework (Windows only) | Python | Free | False |
| XSS'OR | [Website] | [Source] | Multi-purpose tool for XSS or JavaScript analysis | JavaScript | Free | True |
| XSS'OR 2 | [Website] | [Source] | Multi-purpose tool for XSS or JavaScript analysis | JavaScript | Free | True |
| XSSer | [Website] | [Source] | XSS automatic scanner and exploiter | Python | Free | False |
| XSSor | [Source] | XSS scanner plugin for Burp Suite | Python | Free | False | |
| XSStrike | [Source] | XSS detection tool, parser, payload generator, fuzzing engine, crawler | Python | Free | False |
Wireless
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Aircrack-Ng | [Website] | [Source] | Suite of tools to assess WiFi network security (cracking WEP and WPA PSK) | C | Free | False |
| BtleJack | [Source] | Bluetooth Low Energy Swiss-army knife | Python | Free | False | |
| Crunch-Cracker | [Source] | Wordlist generator and Wi-Fi cracker | Shell | Free | False | |
| eaver-wps (t6x fork) | [Source] | Bruteforce WPS tool | C | Free | False | |
| Fluxion | [Website] | [Source] | MITM WPA attack tool | Shell | Free | False |
| FruityWiFi | [Source] | Wireless network auditing tool controlled by a web interface | PHP | Free | False | |
| Hijacker | [Source] | Android GUI for Aircrack, Airodump, Aireplay, MDK3 and Reaver | Java | Free | False | |
| Infernal-Wireless | [Source] | Automated wireless hacking tool | Python | Free | False | |
| MDK3-master | [Source] | PoC tool to exploit common IEEE 802.11 protocol weaknesses | C | Free | False | |
| MDK4 | [Source] | PoC tool to exploit common IEEE 802.11 protocol weaknesses | C | Free | False | |
| Modmobjam | [Source] | Cellular networks jamming PoC for mobile equipments | Python | Free | False | |
| Modmobmap | [Source] | Tool to retrieve information of cellular networks | Python | Free | False | |
| reaver-wps | [Source] | Bruteforce WPS tool | C | Free | False | |
| trackerjacker | [Source] | Tool for mapping and tacking wifi networks and devices through raw 802.11 monitoring | Python | Free | False | |
| Wifi-Biter | [Source] | Dictionary generator used to generate dictionaries/wordlist for Wireless Router Passwords | Python | Free | False | |
| wifijammer | [Source] | Script to jam wifi clients and access points | Python | Free | False | |
| wifite2 | [Source] | Script for auditing wireless networks that runs existing wireless-auditing tools | Python | Free | False |