| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| ASLRay | [Source] | Tool for ASLR bypass with stack-spraying | Shell | Free | False | |
| libformatstr | [Source] | Library to simplify format string exploitation | Python | Free | False | |
| PEDA | [Source] | Python Exploit Development Assistance, GDB plugin (only python2.7) | Python | Free | False | |
| pwntools | [Source] | Framework and exploit development library | Python | Free | False | |
| ROPgadget | [Website] | [Source] | Framework for ROP exploitation | Python | Free | False |
Tools
Note: Paid softwares may exist in a free limited version or a demo version
Binary Exploitation
Code Analysis
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| AndroBugs Framework | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| MobSF | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| NodeJsScan | [Source] | Static security code scanner for Node.js applications | Python | Free | False | |
| QARK | [Source] | Android APK vulnerability analyzer | Python | Free | False | |
| StaCoAn | [Source] | Mobile applications static code analysis tool | Python | Free | False | |
| SUPER | [Website] | [Source] | Android APK vulnerability analyzer | Rust | Free | False |
Collaboration and Report
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Faraday | [Website] | [Source] | Collaborative penetration test and vulnerability management platform | Python | Paid | False |
| Serpico | [Source] | SimplE RePort wrIting and CollaboratiOn tool, penetration testing report generation and collaboration tool | Ruby | Free | False | |
| Vulnreport | [Website] | [Source] | Pentesting management and automation platform | Ruby | Free | False |
Configuration audit
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Nipper Studio | [Website] | Tool that parse router, switch, firewall configuration to discover vulnerabilities | Paid | False | ||
| Nipper-ng | [Source] | Tool that parse router, switch, firewall configuration to discover vulnerabilities | Cplusplus | Free | False |
Cracking
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Aircrack-Ng | [Website] | Suite of tools to assess WiFi network security (cracking WEP and WPA PSK) | Free | False | ||
| Hashcat | [Website] | [Source] | Password cracking tool | C | Free | False |
| Hashtopolis | [Source] | Hashcat wrapper for distributed hashcracking | PHP | Free | False | |
| Hydra | [Website] | [Source] | Network login cracker | C | Free | False |
| John The Ripper | [Website] | Password cracking tool | C | Free | False | |
| John the Ripper, Jumbo version | [Website] | [Source] | Password cracking tool, community-enhanced version of John The Ripper | C | Free | False |
| Medusa | [Website] | Network login cracker | Free | False | ||
| Medusa-gui | [Source] | GUI for Medusa | Java | Free | False | |
| Ncrack | [Website] | [Source] | Network login cracker | Cplusplus | Free | False |
| Nozzlr | [Source] | Bruteforce framework | Python | Free | False | |
| Ophcrack | [Website] | [Source] | Windows password cracker based on rainbow tables | Free | False | |
| Patator | [Source] | Multi-protocol bruteforce tool | Python | Free | False |
Cryptography
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| crypto-identifier | [Source] | Tool that try to identify what cipher is used and uncipher the data | Python | Free | False | |
| Dcode | [Website] | Code and decode all kind of checksums, algorithms, codes or ciphers | Free | True | ||
| FeatherDuster | [Source] | Cryptanalysis tool and library | Python | Free | False | |
| PkCrack | [Website] | Tool for breaking PkZip encryption | Free | False | ||
| RSATool | [Source] | Tool to calculate RSA parameters | Python | Free | False | |
| XORTool | [Source] | Tool to analyze multi-byte xor cipher | Python | Free | False |
Digital Forensics
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Cerbero Profiler | [Website] | File analyzer and inspector | Paid | False | ||
| dnscat2 | [Source] | Encrypted command-and-control (C&C) channel over the DNS protocol, data exfiltration | Cplusplus | Free | False | |
| ExifTool | [Website] | [Source] | Library and CLI tool for reading, writing and editing metadata for a lot of file types | Perl | Free | False |
| extundelete | [Website] | [Source] | Tool to recover deleted files from an ext3 or ext4 partition | Free | False | |
| Fibratus | [Source] | Tool for exploration and tracing of the Windows kernel | Python | Free | False | |
| Foremost | [Website] | [Source] | CLI tool to recover files based on their headers, footers, and internal data structures | Free | False | |
| rekall | [Website] | [Source] | Volatile memory extraction utility | Python | Free | False |
| ResourcesExtract | [Website] | Scans dll/ocx/exe files and extract all resources found, Windows only | Free | False | ||
| shellbags | [Source] | Shellbag parser (Windows Registry Keys) | Python | Free | False | |
| volatility | [Website] | [Source] | Volatile memory extraction utility | Python | Free | False |
Networking
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bettercap | [Website] | [Source] | MITM framework | Ruby | Free | False |
| CapAnalysis | [Website] | [Source] | PCAP analyzer | C | Free | True |
| CloudShark | [Website] | PCAP analyzer | Paid | True | ||
| Garfield | [Source] | Attack framework for distributed systems | Python | Free | False | |
| Masscan | [Source] | Port scanner for massive networks | C | Free | False | |
| nemesis | [Website] | [Source] | Packet manipulation CLI tool; craft and inject packets of several protocols | Python | Free | False |
| Netfort Free Cloud Based PCAP Analysis | [Website] | PCAP analyzer; needs registration | Free | True | ||
| NetworkMiner | [Website] | Network sniffer/packet capturing tool | Free | False | ||
| NetworkTotal | [Website] | PCAP analyzer; using Suricata | Free | True | ||
| Nipe | [Source] | Script to make TOR as default gateway | Perl | Free | False | |
| Nmap | [Website] | [Source] | Tool for network discovery and security auditing | C | Free | False |
| PacketFu | [Source] | Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols | Ruby | Free | False | |
| PacketTotal | [Website] | PCAP analyzer; using Bro, Suricata and Elasticsearch | Free | True | ||
| polarbearscan | [Website] | [Source] | Port scanner and banner grabber | C | Free | False |
| Scapy | [Website] | [Source] | Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols | Python | Free | False |
| Seth | [Source] | RDP MitM tool | Python | Free | False | |
| Whonow | [Source] | DNS Server for executing DNS Rebinding attacks | JavaScript | Free | False | |
| Wireshark | [Website] | [Source] | Network protocol analyzer | Cplusplus | Free | False |
| yersinia | [Source] | Framework for layer 2 attacks | C | Free | False | |
| Zenmap | [Website] | [Source] | GUI for Nmap | Python | Free | False |
| Zmap | [Website] | [Source] | Collection of tools to scan and study massive networks | C | Free | False |
OSINT and Reconnaissance
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Amass | [Source] | Tool for subdomain enumeration | Go | Free | False | |
| Belati | [Source] | OSINT tool, collect data and document actively or passively | Python | Free | False | |
| datasploit | [Website] | [Source] | OSINT framework, find, aggregate and export data | Python | Free | False |
| EagleEye | [Source] | OSINT tool, image recognition on instagram, facebook and twitter | Python | Free | False | |
| Facebook_OSINT_Dump | [Source] | OSINT tool, facebook profile dumper, windows and chrome only | Shell | Free | False | |
| FOCA | [Website] | [Source] | OSINT framework and metadata analyser | Csharp | Free | False |
| gOSINT | [Source] | OSINT framework; find mails, dumps, retrieve Telegram history and info about hosts | Go | Free | False | |
| Harpoon | [Source] | CLI tool; collect data and document actively or passively | Python | Free | False | |
| leakScraper | [Source] | Set of tools to process and visualize huge text files containing credentials | Python | Free | False | |
| LinEnum | [Source] | System script for local Linux enumeration and privilege escalation checks | Shell | Free | False | |
| ODIN | [Source] | Observe, Detect, and Investigate Networks, Automated reconnaissance tool | Python | Free | False | |
| Omnibus | [Source] | OSINT framework; collection of tools | Python | Free | False | |
| OSINT Framework | [Website] | [Source] | A web-based collection of tools and resources for OSINT | Javascript | Free | True |
| PITT | [Source] | Web browser loaded with links and extensions for doing OSINT | Free | False | ||
| Sandmap | [Website] | [Source] | Network and system reconnaissance scanner using Nmap | Shell | Free | False |
| Sn1per | [Source] | Automated reconnaissance scanner | Shell | Free | False | |
| spiderfoot | [Website] | [Source] | OSINT framework, collect and manage data, scan target | Python | Free | False |
| Sublist3r | [Source] | Subdomains enumeration tool | Python | Free | False |
Other
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| inlite | [Website] | Scan QR-code, 1D, DataMatrix, Postal, PDF417, and more | Free | True | ||
| Metasploit | [Website] | [Source] | Tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit, 4 versions: Pro (paid), Express (paid), Community (free with GUI but on request), Framework (free, open source, CLI) | Ruby | Paid | False |
| PentestBox | [Website] | [Source] | Pre-configured portable penetration testing environment for Windows, all-in-one box | Free | False | |
| v0lt | [Source] | CTF toolkit / framework | Python | Free | False | |
| webqr | [Website] | Scan & create QR-code | Free | True |
Reverse Engineering
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| androguard | [Source] | Tool for reverse engineering and malware analysis of Android applications | Python | Free | False | |
| angr | [Source] | Platform-agnostic binary analysis framework | Python | Free | False | |
| Apk2Gold | [Source] | Android decompiler (wrapper for apktool, dex2jar, and jd-gui) | Shell | Free | False | |
| Apktool | [Website] | [Source] | Android disassembler and rebuilder | Java | Free | False |
| arm_now | [Source] | Tool that allows instant setup of virtual machines on various architectures for reverse, exploit, fuzzing and programming purpose | Python | Free | False | |
| Barf | [Source] | Binary Analysis and Reverse engineering Framework | Python | Free | False | |
| Binary Ninja | [Website] | Crossplatform binary analysis framework | Python | Paid | False | |
| binutils | [Website] | [Source] | GNU collection of binary tools | C | Free | False |
| binwalk | [Source] | Analyze, reverse engineer and extract firmware images (and other files, also usefull for Digital Forensics) | Python | Free | False | |
| boomerang | [Source] | x86 binaries to C decompiler | Cplusplus | Free | False | |
| ctf_import | [Website] | [Source] | Library to run basic functions from stripped binaries | C | Free | False |
| CFF Explorer | [Website] | PE Editor | Free | False | ||
| Droidefense | [Website] | [Source] | Android apps/malware analysis/reversing tool | Java | Free | False |
| Frida | [Website] | [Source] | Dynamic code instrumentation toolkit | C | Free | False |
| GDB | [Website] | [Source] | GNU debugger | Cplusplus | Free | False |
| GEF | [Source] | GDB Enhanced Features, multi-architecture GDB plugin | Python | Free | False | |
| Hopper | [Website] | Disassembler, decompiler and debugger | Paid | False | ||
| IDA Pro | [Website] | Disassembler and debugger | Paid | False | ||
| ILSpy | [Source] | .NET assembly browser and decompiler to C# | CSharp | Free | False | |
| jadx | [Source] | DEX to Java decompiler | Java | Free | False | |
| Java Decompilers | [Website] | .JAR and .Class to Java decompiler | Free | True | ||
| JEB | [Website] | Disassembler, decompiler and debugger | Paid | False | ||
| JSDetox | [Website] | [Source] | Javascript deobfustcator | Ruby | Free | False |
| Krakatau | [Source] | Java decompiler, assembler, and disassembler | Java | Free | False | |
| ldd | [Website] | Tool that print shared library dependencies | Free | False | ||
| Metasm | [Website] | [Source] | Assembler, disassembler, compiler and debugger | Ruby | Free | False |
| OllyDbg | [Website] | Windows debugger | Free | False | ||
| PE Insider | [Website] | PE viewer, closed source and windows only | Free | False | ||
| Plasma | [Source] | x86/ARM/MIPS interactive disassembler | Python | Free | False | |
| Pwndbg | [Source] | enhance GDB, GDB plugin | Python | Free | False | |
| Qira | [Website] | [Source] | Timeless debugger (QIRA = QEMU Interactive Runtime Analyser) | C | Free | False |
| RABCDAsm | [Website] | [Source] | ActionScript disassembler | D | Free | False |
| radare2 | [Website] | [Source] | Crossplatform binary analysis framework, disassembler, decompiler and debugger, support collaborative analysis | C | Free | False |
| strace | [Source] | Debugger for Linux | Free | False | ||
| Swftools | [Website] | [Source] | Collection of utilities to work with SWF files | C | Free | False |
| Triton | [Website] | [Source] | Dynamic binary analysis framework, automate reverse engineering | Cplusplus | Free | False |
| UglifyJS2 | [Website] | [Source] | JavaScript obfuscator or beautifier toolkit | JavaScript | Free | False |
| uncompyle | [Source] | Python 2.7 binaries (.pyc) decompiler | Python | Free | False | |
| uncompyle6 | [Source] | Python 1.5, 2.1 to 2.7, 3.1 to 3.6 binaries (.pyc) decompiler | Python | Free | False | |
| WinDbg | [Website] | Windows debugger | Free | False | ||
| xxxswf | [Source] | Small script for carving, scanning, compressing, decompressing and analyzing SWF files | Python | Free | False |
Steganography
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Audacity | [Website] | [Source] | Tool to edit and analyze audio tracks | Free | False | |
| exif | [Source] | Shows EXIF information for JPEG files only | C | Free | False | |
| ExifTool | [Website] | [Source] | Library and CLI tool to read and write meta information (EXIF, GPS, IPTC, XMP, JFIF, …) in files (JPEG, PNG, SVG, MPEG, …) | Perl | Free | False |
| Exiv2 | [Website] | [Source] | Library and CLI tool to read and write meta information (Exif, IPTC & XMP metadata and ICC Profile) in images (JPEG, TIFF, PNG, …) | Cplusplus | Free | False |
| ImageMagick | [Website] | [Source] | Software suite and library to create, edit, compose, or convert images | C | Free | False |
| Outguess | Tool to hide messages in files (website down since 2004) | Free | False | |||
| PNGtools | [Website] | [Source] | Suite of tools to work with PNG images | C | Free | False |
| SmartDeblur | [Source] | To to restore defocused and blurred images (update binary only for Windows, Mac OS binary out of date) | Cplusplus | Free | False | |
| Sonic Visualiser | [Website] | [Source] | Tool to edit and analyze audio tracks | Free | False | |
| Steganabara | [Source] | Steganography analysis tool | Java | Free | False | |
| Steghide | [Website] | [Source] | Tool to hide messages in images | Free | False | |
| StegoVeritas | [Source] | Automatic tool to bruteforce LSB, transform image, extract metadata or trailing data | Python | Free | False | |
| StegSolve | GUI tool to analyse images | Java | Free | False | ||
| zsteg | [Source] | Tool to detect hidden data in PNG and BMP | Ruby | Free | False |
System Exploitation
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| bkhive | [Source] | Dump the syskey bootkey from a Windows NT/2K/XP system hive, often used with samdump2, part of the ophcrack project | Free | False | ||
| BloodHound | [Website] | [Source] | Tool to reveal the hidden and unintended relationships within an Active Directory environment | PowerShell | Free | False |
| creddump | [Source] | Dump windows credentials | Python | Free | False | |
| DLLInjector | [Source] | Dll injection tool | Cplusplus | Free | False | |
| Empire | [Website] | [Source] | PowerShell and Python post-exploitation agent | Shell | Free | False |
| Empire GUI | [Website] | [Source] | GUI for Empire framework | JavaScript | Free | False |
| FFM | [Source] | Freedom Fighting Mode (FFM), hacking harness, post-exploitation tool | Python | Free | False | |
| goddi | [Source] | Active Directory domain information dumper | Go | Free | False | |
| LaZagne | [Source] | Password retriever | Python | Free | False | |
| lynis | [Website] | [Source] | Security auditing and hardening tool, for UNIX-based systems | Shell | Free | False |
| Nishang | [Source] | Framework, collection of scripts and payloads in PowerShell for offensive security, penetration testing and red teaming | PowerShell | Free | False | |
| p0wnedShell | [Source] | PowerShell runspace post exploitation toolkit | CSharp | Free | False | |
| PowerSploit | [Source] | Powershell exploitation framework | Powershell | Free | False | |
| samdump2 | [Source] | Retrieves syskey and extract hashes from Windows 2k/NT/XP/Vista SAM, often used with bkhive, part of the ophcrack project | Free | False | ||
| ShellPop | [Source] | Tool to craft bind and reverse shells in several languages | Python | Free | False |
Vulnerability Assessment
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| cvss-suite | [Source] | CVSS calculator library | Ruby | Free | False |
Web Application Exploitation
| Name | Website | Source | Description | Programming language | Price | Online |
|---|---|---|---|---|---|---|
| Acunetix | [Website] | Web application security scanner | Paid | True | ||
| Arachni | [Website] | [Source] | Web application security scanner framework | Ruby | Free | False |
| AssassinGo | [Website] | [Source] | Web pentest framework for information gathering and vulnerability scanning | Go | Free | False |
| Astra | [Website] | [Source] | REST API penetration testing tool | Python | Free | False |
| Burp Suite | [Website] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests (a limited free version exists) | Java | Paid | False | |
| Charles | [Website] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Paid | False | |
| CloudFrunt | [Source] | Scanner to identify misconfigured CloudFront domains | Python | Free | False | |
| CMSeek | [Source] | CMS detection and exploitation suite; capable of detection, security scans and bruteforce | Python | Free | False | |
| commix | [Website] | [Source] | Web-based command injection tester | Python | Free | False |
| CSWSH | [Website] | Cross-Site WebSocket Hijacking Tester | Free | False | ||
| dirb | [Website] | [Source] | Web content scanner (dictionary based) | Free | False | |
| DotDotPwn | [Website] | [Source] | Directory Traversal fuzzer | Perl | Free | False |
| dvcs-ripper | [Source] | Dump web accessible (distributed) version control systems (DVCS/VCS): SVN, GIT, Mercurial/hg, Bazaar/bzr, … | Perl | Free | False | |
| DVWA | [Website] | [Source] | Damn Vulnerable Web Application, insecure webapp for security trainings | PHP | Free | False |
| git-dump | [Source] | Dump the contents of a remote git repository without directory listing enabled | JavaScript | Free | False | |
| GitTools | [Source] | 3 tools: Finder (find websites with .git repository exposed), Dumper (dump exposed .git), Extractor (extract commits and their content from a broken repository) | Shell | Free | False | |
| Hackbar | [Website] | Firefox addon to manipulate HTTP requests (not compatible with Quantum) | Free | False | ||
| Hookbin | [Website] | [Source] | HTTP request collector and inspector | Java | Free | True |
| IronWASP | [Website] | [Source] | Web security/vulnerability scanner (native for Windows only) | C | Free | False |
| LFI Freak | [Source] | LFI scan and exploit tool | Python | Free | False | |
| LFI Suite | [Source] | Automatic LFI scanner and exploiter | Python | Free | False | |
| Kadimus | [Source] | LFI, RFI, RCE scanner | C | Free | False | |
| Malzilla | [Website] | [Source] | Web oriented deobfuscating tool | Free | False | |
| Mockbin | [Website] | [Source] | HTTP request collector and inspector | JavaScript | Free | True |
| Netsparker | [Website] | Web application security scanner | Paid | True | ||
| nikto | [Website] | [Source] | Web security scanner | Perl | Free | False |
| Nosql-Exploitation-Framework | [Source] | NoSQL scanning and exploitation framework | Python | Free | False | |
| OWASP JoomScan | [Source] | Joomla vulnerability scanner | Perl | Free | False | |
| OWASP Juice Shop CTF | [Website] | [Source] | Insecure webapp for security trainings | JavaScript | Free | False |
| OWASP ZAP | [Website] | [Source] | OWASP Zed Attack Proxy, intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Free | False |
| Panoptic | [Website] | [Source] | Automatic LFI and Path Traversal exploitation tool | Python | Free | False |
| Paros | [Source] | Intercepting proxy to replay, inject, scan and fuzz HTTP requests | Java | Free | False | |
| RequestBin | [Website] | [Source] | HTTP request collector and inspector | Python | Free | True |
| Simple Local File Inclusion Exploiter | [Website] | [Source] | LFI exploit tool | Python | Free | False |
| SleuthQL | [Source] | Tool that parses Burp history to discover potential SQL injection points and prepare SQLmap request files | Python | Free | False | |
| Spaghetti | [Source] | Web application security scanner | Python | Free | False | |
| sqlmap | [Website] | [Source] | Automatic SQL injection tool | Python | Free | False |
| SQLiv | [Source] | SQL injection scanner, find vulnerable entry points | Python | Free | False | |
| Tracy | [Source] | Tool that help to manually find XSS | Go | Free | False | |
| V3n0M | [Source] | Web dork and vulnerability scanner | Python | Free | False | |
| w3af | [Website] | [Source] | Web application attack and audit framework, web-oriented security scanner | Python | Free | False |
| wapiti | [Website] | [Source] | Web-oriented vulnerability scanner, can generates reports | Free | False | |
| Webhook Tester | [Website] | [Source] | HTTP request collector and inspector | PHP | Free | True |
| wikto | [Source] | Nikto for Windows; web security scanner | CSharp | Free | False | |
| WSSAT | [Website] | [Source] | Web security scanner | CSharp | Free | False |
| Xenotix | [Website] | [Source] | XSS detection and exploit framework (Windows only) | Python | Free | False |
| XSSer | [Website] | [Source] | XSS automatic scanner and exploiter | Python | Free | False |
| XSSor | [Source] | XSS scanner plugin for Burp Suite | Python | Free | False | |
| XSS'OR | [Website] | [Source] | Multi-purpose tool for XSS or JavaScript analysis | JavaScript | Free | True |
| XSS'OR 2 | [Website] | [Source] | Multi-purpose tool for XSS or JavaScript analysis | JavaScript | Free | True |