An open-source penetration testing framework containing PowerShell scripts and modules. The PowerSploit toolkit contains exploits for code execution, script modification, data exfiltration, and more.
An open-source packet crafting and injection tool, Nemesis supports many different protocols and can be used for Layer 2 injection on both Windows and Linux systems.
A free and open-source command-line packet crafting and analysis tool.
The hping3 tool can send custom ICMP/UDP/TCP packets for use cases such as testing firewalls or network performance.
An open-source network packet analyzer that uses grep-like patterns. The ngrep tool supports many different protocols across a wide range of interface types.
An open-source intrusion detection and prevention system. Users can define rules in Snort that indicate malicious network activity and search for packets that match these rules.
An open-source fork of the Ettercap project and so-called โSwiss Army knifeโ for network attacks. Bettercap can be used on Wi-Fi networks, Bluetooth connections, and 2.4GHz wireless devices.
An open-source comprehensive suite for man-in-the-middle attacks. Ettercap offers both a command-line and GUI interface and includes features such as live packet sniffing and content filtering.
An open-source web application security scanner and testing tool. ZAP provides features for automating web security and offers an extensive library of community add-ons.
Packet Sniffing and Spoofing Tools
An open-source graphical cyber attack management tool. Armitage helps red team members visualize their targets and provides recommendations for exploits and attacks.
An open-source SQL injection vulnerability testing tool. SQLMap allows users to fetch data from a SQL database, access the underlying file system, and run operating system commands.
An open-source penetration testing framework containing PowerShell scripts and modules. The PowerSploit toolkit contains exploits for code execution, script modification, data exfiltration, and more.
An open-source browser exploitation penetration testing tool. BeEF can integrate with Metasploit and uses attack vectors to target different web browsers and contexts.
An open-source penetration testing framework for social engineering attacks. Users can perform attacks via Java applets, credential harvesting, SMS spoofing, and much more.
A paid penetration testing and vulnerability assessment tool. Core Impact can run automated rapid penetration tests and provides a library of exploits for testers.
A penetration testing framework with free and paid versions. Metasploit is a Ruby-based, modular tool that comes preinstalled on the Kali Linux distribution.
It offers separate versions for Windows, Linux, and macOS. It mainly uses
the DoD 5220.22 M data destruction algorithm. KillDisk allows you to erase multiple codes simultaneously.
A crypto drainer โ or crypto wallet drainer โ is a type of malware thatโs been targeting crypto owners since it first appeared just over a year ago. A crypto drainer is designed to (quickly) empty crypto wallets automatically
An open-source tool for extracting different credential types from packet capture files. Pcredz includes support for a wide variety of protocols and logs all credentials to a single file for easy access.
An open-source tool in the Social-Engineer Toolkit (SET) for credential theft. The Credential Harvester tool clones a legitimate website and steals usersโ login information and passwords.
An open-source phishing toolkit for organizations. GoPhish can run on Windows, macOS, and Linux and lets users quickly and easily spin up phishing attacks.
An open-source wireless and ethernet phishing tool. Ghost Phisher supports features such as webpage hosting, credential logging, Wi-Fi access point emulation, session hijacking, and more.
An open-source man-in-the-middle attack framework. Evilginx can be used to steal usersโ login credentials and session cookies, allowing the tool to bypass two-factor authentication.
An open-source automated tool for two-factor authentication phishing. ReelPhish is developed by Mandiant and supports multi-page authentication techniques for decentralized platforms.
An open-source rogue access point framework for Wi-Fi security testing. Wifiphisher lets users run man-in-the-middle and web phishing attacks to capture user credentials and spread malware.
A powerful OSINT and link analysis tool with free and paid versions. Maltego features integrations with dozens of data sources, including Mandiant, Censys, PolySwarm, Splunk, and many more.
An open-source phishing campaign toolkit. King Phisher helps users simulate real-world phishing attacks and includes features such as embedded email images, credential harvesting, and website cloning.
An open-source Linux-based digital forensics environment. CAINE offers a user-friendly graphical interface and provides dozens of tools and integrations with other software.
An open-source fast file carver based on Foremost for digital forensics. Scalpel is more efficient than Foremost and supports Windows, macOS, and Linux devices.
A crypto drainer is a phishing tool designed for the web3 ecosystem. A crypto drainer is designed to (quickly) empty crypto wallets automatically by siphoning off either all or just the most valuable assets they contain
A paid incident response and forensic live CD. The Helix3 Pro can make forensic images of all internal devices and physical memory across Windows, macOS, and Linux.
Paid forensic software with advanced file carving. X-Ways Forensics is a high-performance, resource-efficient tool that is fully portable on a USB drive.
An open-source toolkit for forensic analysis and triage. SIFT includes support for dozens of file systems and images and offers tools for incident response.
A Paid software for digital forensics and incident response software. EnCase processes files quickly and efficiently and supports a wide range of computers and mobile devices.
An open-source web application vulnerability testing tool. WebScarab is written in Java and offers a modular set of interface components that users can swap in and out.
An open-source web vulnerability scanner and testing platform. Vega can search for security flaws such as SQL injection, cross-site scripting, and exposure of sensitive data.
An open-source web application security reconnaissance tool for Kali Linux. Skipfish crawls a website to generate an interactive sitemap and then performs a number of security checks.
A Wi-Fi network scanning and troubleshooting tool. InSSIDer provides information about Wi-Fi network configuration and the impact of nearby Wi-Fi networks on performance.
An open-source brute-force WPA2-PSK password cracking tool. CoWPAtty can help users identify weak passphrases that generate the pairwise master key (PMK).
An open-source WPS brute-force attack tool. Bully is written in the C programming language and offers improved memory and CPU performance compared with Reaver.
An open-source wireless security audit and attack tool for Linux. Fern can help crack and recover WEP/WPA/WPS keys and supports other network-based attacks.
An open-source wireless network detector, sniffer, and IDS. Kismet can run on Windows, macOS, and Linux and tests connections such as Wi-Fi, Bluetooth, Zigbee, and RF
An open-source automated wireless network auditing tool. Wifite uses tools such as Aircrack-ng and Reaver to test WEP and WPA-encrypted wireless networks.
An open-source packet crafting and injection tool, Nemesis supports many different protocols and can be used for Layer 2 injection on both Windows and Linux systems.
A free and open-source command-line packet crafting and analysis tool.
The hping3 tool can send custom ICMP/UDP/TCP packets for use cases such as testing firewalls or network performance.
An open-source network packet analyzer that uses grep-like patterns. The ngrep tool supports many different protocols across a wide range of interface types.
An open-source intrusion detection and prevention system. Users can define rules in Snort that indicate malicious network activity and search for packets that match these rules.
An open-source fork of the Ettercap project and so-called โSwiss Army knifeโ for network attacks. Bettercap can be used on Wi-Fi networks, Bluetooth connections, and 2.4GHz wireless devices.
An open-source comprehensive suite for man-in-the-middle attacks. Ettercap offers both a command-line and GUI interface and includes features such as live packet sniffing and content filtering.
An open-source web application security scanner and testing tool. ZAP provides features for automating web security and offers an extensive library of community add-ons.
Packet Sniffing and Spoofing Tools
An open-source graphical cyber attack management tool. Armitage helps red team members visualize their targets and provides recommendations for exploits and attacks.
An open-source SQL injection vulnerability testing tool. SQLMap allows users to fetch data from a SQL database, access the underlying file system, and run operating system commands.
An open-source penetration testing framework containing PowerShell scripts and modules. The PowerSploit toolkit contains exploits for code execution, script modification, data exfiltration, and more.
An open-source browser exploitation penetration testing tool. BeEF can integrate with Metasploit and uses attack vectors to target different web browsers and contexts.
An open-source penetration testing framework for social engineering attacks. Users can perform attacks via Java applets, credential harvesting, SMS spoofing, and much more.
A paid penetration testing and vulnerability assessment tool. Core Impact can run automated rapid penetration tests and provides a library of exploits for testers.
A paid web application security testing tool, Burp Suite comes with features for both automated dynamic web scanning and tools to enhance manual vulnerability testing that can test smart contracts and APIs connected to digita
A penetration testing framework with free and paid versions. Metasploit is a Ruby-based, modular tool that comes preinstalled on the Kali Linux distribution.
An open-source password auditing and recovery tool. L0phtCrack supports attack techniques, including dictionary and brute-force attacks and rainbow tables
An open-source fast, massively parallel password-cracking tool. Medusa can perform brute-force password testing against multiple hosts or users simultaneously.
A free and open source โproof of conceptโ password cracker tool. THC Hydra is available for Windows, macOS, and Linux and supports protocols such as FTP, SMTP, and HTTP-GET
An open-source parallelized network login cracker tool. Hydra can crack dozens of protocols, including Cisco, HTTP(S), ICQ, IMAP, MySQL, Oracle, SMTP, and more.
An open-source suite of Wi-Fi network security tools. Aircrack-ng includes utilities for monitoring, packet capture, attacking, testing, and cracking Wi-Fi passwords.
An open-source advanced password recovery tool. Hashcat calls itself โthe worldโs fastest password crackerโ and provides advanced features such as distributed cracking networks.
An open-source password cracker tool for auditing and recovery. John the Ripper supports hundreds of hash and cipher types, including Unix, Windows, macOS, WordPress, database servers, filesystems, archives, and more.
It offers separate versions for Windows, Linux, and macOS. It mainly uses
the DoD 5220.22 M data destruction algorithm. KillDisk allows you to erase multiple codes simultaneously.
An open-source web server scanner and tester. Nikto can check for more than 6,000 potentially dangerous files and programs on web servers, as well as outdated servers and other problems.
A paid security scanner and penetration testing tool with a free trial. SAINT includes features for vulnerability management, configuration assessment, penetration testing, incident response, and reporting.
A paid comprehensive on-premises vulnerability scanner with a 30-day trial. Nexpose scans and identifies vulnerabilities in network assets, databases, web applications, and even virtualization and cloud infrastructure.
A paid cloud-based vulnerability management platform with a 30-day trial. Qualys provides continuous monitoring and visibility across networks, web applications, and endpoints in an IT ecosystem.
A paid web application vulnerability scanner. Acunetix offers advanced scanning techniques and comprehensive reporting to identify more than 7,000 vulnerabilities in web applications.
An open-source network utility tool. Netcat can be used for a wide variety of tasks, including port scanning, file transfer, and remote command execution.
An open-source TCP and UDP port scanner. Unicornscan uses asynchronous scanning techniques, letting users scan large networks more quickly and efficiently.
