Open Web Application Security Project (OWASP) – Worldwide not-for-profit charitable organization focused on improving the security of especially Web-based and Application-layer software.
PENTEST-WIKI – Free online security knowledge library for pentesters and researchers.
Penetration Testing Framework (PTF) – Outline for performing penetration tests compiled as a general framework usable by vulnerability analysts and penetration testers alike.
XSS-Payloads – Ultimate resource for all things cross-site including payloads, tools, games and documentation.
Tails – Live OS aimed at preserving privacy and anonymity.
Hacking Tools
Penetration Testing Distributions
Kali – GNU/Linux distribution designed for digital forensics and penetration testing.
ArchStrike – Arch GNU/Linux repository for security professionals and enthusiasts.
BlackArch – Arch GNU/Linux-based distribution with tools for penetration testers and security researchers.
Network Security Toolkit (NST) – Fedora-based bootable live operating system designed to provide easy access to best-of-breed open source network security applications.
Pentoo – Security-focused live CD based on Gentoo.
BackBox – Ubuntu-based distribution for penetration tests and security assessments.
Parrot – Distribution similar to Kali, available for multiple architectures, with 100s of hacking tools.
Buscador – GNU/Linux virtual machine that is pre-configured for online investigators.
Fedora Security Lab – Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.
The Pentesters Framework – Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that eliminates often unused toolchains.
AttifyOS – GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.
SPARTA – Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.
dnschef – Highly configurable DNS proxy for pentesters.
DNSDumpster – Online DNS recon and search service.
CloudFail – Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
dnsenum – Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
dnsmap – Passive DNS network mapper.
dnsrecon – DNS enumeration script.
dnstracer – Determines where a given DNS server gets its information from, and follows the chain of DNS servers.
passivedns-client – Library and query tool for querying several passive DNS providers.
passivedns – Network sniffer that logs all DNS server replies for use in a passive DNS setup.
Mass Scan – TCP port scanner, spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes.
Zarp – Network attack tool centered around the exploitation of local networks.
mitmproxy – Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Printer Exploitation Toolkit (PRET) – Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.
Praeda – Automated multi-function printer data harvester for gathering usable data during security assessments.
routersploit – Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
evilgrade – Modular framework to take advantage of poor upgrade implementations by injecting fake updates.
XRay – Network (sub)domain discovery and reconnaissance automation tool.
Ettercap – Comprehensive, mature suite for machine-in-the-middle attacks.
BetterCAP – Modular, portable and easily extensible MITM framework.
CrackMapExec – A swiss army knife for pentesting networks.
impacket – A collection of Python classes for working with network protocols.
Wireless Network Hacking Tools
Aircrack-ng – Set of tools for auditing wireless networks.
Kismet – Wireless network detector, sniffer, and IDS.
Reaver – Brute force attack against WiFi Protected Setup.
Fluxion – Suite of automated social engineering based WPA attacks.
Transport Layer Security Tools
SSLyze – Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations.
tls_prober – Fingerprint a server’s SSL/TLS implementation.
testssl.sh – Command line tool which checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.
Web Exploitation
OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools.
Burp Suite – Integrated platform for performing security testing of web applications.
autochrome – Easy-to-install test browser with all the appropriate settings needed for web application testing, with native Burp support, from NCCGroup.
WordPress Exploit Framework – Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
WPSploit – Exploit WordPress-powered websites with Metasploit.
SQLmap – Automatic SQL injection and database takeover tool.
tplmap – Automatic server-side template injection and Web server takeover tool.
NoSQLmap – Automatic NoSQL injection and database takeover tool.
VHostScan – A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
FuzzDB – Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
EyeWitness – Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible.
webscreenshot – A simple script to take screenshots of a list of websites.
0xED – Native macOS hex editor that supports plug-ins to display custom data types.
File Format Analysis Tools
Kaitai Struct – File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
Veles – Binary data visualization and analysis tool.
Hachoir – Python library to view and edit a binary stream as a tree of fields, plus tools for metadata extraction.
Defense Evasion Tools
Veil – Generate metasploit payloads that bypass common anti-virus solutions.
shellsploit – Generates custom shellcode, backdoors, injectors, optionally obfuscates every byte via encoders.
Hyperion – Runtime encryptor for 32-bit portable executables (“PE .exes”).
AntiVirus Evasion Tool (AVET) – Post-process exploits containing executable files targeted for Windows machines to avoid being recognized by antivirus software.
peCloak.py – Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
peCloakCapstone – Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
UniByAv – Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forceable, 32-bit XOR key.
Hash Cracking Tools
John the Ripper – Fast password cracker.
Hashcat – The faster hash cracker.
CeWL – Generates custom wordlists by spidering a target’s website and collecting unique words.
JWT Cracker – Simple HS256 JWT token brute force cracker.
Fibratus – Tool for exploration and tracing of the Windows kernel.
wePWNise – Generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
redsnarf – Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers, and domain controllers.
Magic Unicorn – Shellcode generator for numerous attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA), or certutil (using fake certificates).
DeathStar – Python script that uses Empire’s RESTful API to automate gaining Domain Admin rights in Active Directory environments.
GNU/Linux Utilities
Linux Exploit Suggester – Heuristic reporting on potentially viable exploits for a given GNU/Linux system.
macOS Utilities
Bella – Pure Python post-exploitation data mining and remote administration tool for macOS.
DDoS Tools
LOIC – Open source network stress tool for Windows.
UFONet – Abuses OSI layer 7 HTTP to create/manage ‘zombies’ and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
Social Engineering Tools
Social Engineer Toolkit (SET) – Open source pentesting framework designed for social engineering featuring a number of custom attack vectors to make believable attacks quickly.
King Phisher – Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.
Evilginx – MITM attack framework used for phishing credentials and session cookies from any Web service.
wifiphisher – Automated phishing attacks against WiFi networks.
Catphish – Tool for phishing and corporate espionage written in Ruby.
Virus Total – VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
DataSploit – OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.
AQUATONE – Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.
Intrigue – Automated OSINT & Attack Surface discovery framework with powerful API, UI and CLI.
ZoomEye – Search engine for cyberspace that lets the user find specific network components.
Anonymity Tools
Tor – Free software and onion routed overlay network that helps you defend against traffic analysis.
OnionScan – Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators.
rVMI – Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.
Frida – Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Physical Access Tools
LAN Turtle – Covert “USB Ethernet Adapter” that provides remote access, network intelligence gathering, and MITM capabilities when installed in a local network.
USB Rubber Ducky – Customizable keystroke injection attack platform masquerading as a USB thumbdrive.
Poisontap – Siphons cookies, exposes internal (LAN-side) router and installs web backdoor on locked computers.
WiFi Pineapple – Wireless auditing and penetration testing platform.
Proxmark3 – RFID/NFC cloning, replay, and spoofing toolkit often used for analyzing and attacking proximity cards/readers, wireless keys/keyfobs, and more.
Side-channel Tools
ChipWhisperer – Complete open-source toolchain for side-channel power analysis and glitching attacks.
CTF Tools
ctf-tools – Collection of setup scripts to install various security research tools easily and quickly deployable to new machines.
Pwntools – Rapid exploit development framework built for use in CTFs.
RsaCtfTool – Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks.
Penetration Testing Report Templates
Public Pentesting Reports – Curated list of public penetration test reports released by several consulting firms and academic security groups.
National Vulnerability Database (NVD) – United States government’s National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.
US-CERT Vulnerability Notes Database – Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).
Full-Disclosure – Public, vendor-neutral forum for detailed discussion of vulnerabilities, often publishes details before many other sources.
Bugtraq (BID) – Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc.
Exploit-DB – Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.
Microsoft Security Bulletins – Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC).
Packet Storm – Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
CXSecurity – Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.
SecuriTeam – Independent source of software vulnerability information.
Vulnerability Lab – Open forum for security advisories organized by category of exploit target.
Zero Day Initiative – Bug bounty program with a publicly accessible archive of published security advisories, operated by TippingPoint.
Vulners – Security database of software vulnerabilities.
Inj3ct0r (Onion service) – Exploit marketplace and vulnerability information aggregator.
Open Source Vulnerability Database (OSVDB) – Historical archive of security vulnerabilities in computerized equipment, no longer adding to its vulnerability database as of April, 2016.
HPI-VDB – Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam.
CTF Field Guide – Everything you need to win your next CTF competition.
ARIZONA CYBER WARFARE RANGE – 24×7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare.
Cybrary – Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book ‘Penetration Testing for Highly-Secured Environments’.
Computer Security Student – Many free tutorials, great for beginners, $10/mo membership unlocks all content.
AppSec – Resources for learning about application security.
CTFs – Capture The Flag frameworks, libraries, etc.
InfoSec § Hacking challenges – Comprehensive directory of CTFs, wargames, hacking challenge websites, practice lab exercises, and more.