Penetration Testing Tools

Information Gathering

  1. Nmap - Network scanning and service discovery.

  2. Netcat - A networking utility for debugging and exploration.

  3. Whois - Domain registration information.

  4. Sublist3r - Subdomain enumeration.

  5. TheHarvester - Information gathering on emails, subdomains, and hosts.

  6. Amass - Advanced subdomain enumeration tool.

  7. WhatWeb - Identifies technologies used by websites.

  8. dnsrecon - DNS enumeration tool.

  9. Dig - DNS lookup and analysis.

  10. FOCA - Extracts metadata (authors, usernames, internal paths, software versions) from public documents found on a target's websites.
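
A worked example of how the tools in this section chain together, added here and not part of the original page: a shell pipeline that runs whois, dig, amass and nmap against a domain, plus a parser that turns nmap's greppable output (-oG) into "host port proto service" lines for the next phase. Tool names and flags are real; the domain, the output directory and the scan output embedded in sample_gnmap are constructed sample data.

```sh
#!/bin/sh
# Added example, not from the original page: a small external recon pipeline
# chaining whois, dig, amass and nmap, plus a parser that turns nmap -oG output
# into "host port proto service" lines. Tool flags are real; the domain, output
# directory and the scan output in sample_gnmap are constructed sample data.
set -eu

# Passive and DNS phase, then a service scan of everything that resolved.
# Needs network access and the tools installed, so it only runs when called.
recon_domain() {
  domain="$1"
  out="${2:-recon}"
  mkdir -p "$out"
  whois "$domain" > "$out/whois.txt"
  dig +short A "$domain" > "$out/apex.txt"
  dig +short MX "$domain" > "$out/mx.txt"
  amass enum -passive -d "$domain" -o "$out/subs.txt"
  # keep only subdomains that resolve to an IPv4 address
  while read -r sub; do
    dig +short A "$sub" | grep -E '^[0-9]+(\.[0-9]+){3}$' | sed "s/^/$sub /"
  done < "$out/subs.txt" | sort -u > "$out/resolved.txt"
  awk '{print $2}' "$out/resolved.txt" | sort -u > "$out/targets.txt"
  nmap -sV -T4 --top-ports 1000 -iL "$out/targets.txt" -oG "$out/scan.gnmap"
  parse_gnmap "$out/scan.gnmap"
}

# Turn nmap -oG host lines into "host port proto service", one open port per
# line. An -oG host line looks like (fields separated by tabs or spaces):
#   Host: 10.0.0.5 (web.example.test)  Ports: 22/open/tcp//ssh//OpenSSH 8.9/, 80/open/tcp//http//nginx/
parse_gnmap() {
  awk '
    /^Host:/ && /Ports:/ {
      host = $2
      sub(/.*Ports: /, "")                 # drop everything before the port list
      sub(/[ \t]*Ignored State:.*$/, "")   # and the trailing ignored-state summary
      n = split($0, ports, ", ")
      for (i = 1; i <= n; i++) {
        split(ports[i], f, "/")            # port/state/proto/owner/service/rpc/version/
        if (f[2] == "open") print host, f[1], f[3], f[5]
      }
    }' "$1"
}

# Constructed nmap -oG output for the stand-alone demo below (not a real scan).
sample_gnmap() {
  cat <<'EOF'
# Nmap 7.94 scan initiated as: nmap -sV -T4 --top-ports 1000 -iL targets.txt -oG scan.gnmap
Host: 10.0.0.5 (web.example.test)    Status: Up
Host: 10.0.0.5 (web.example.test)    Ports: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//nginx 1.18.0/, 443/closed/tcp//https///    Ignored State: filtered (997)
Host: 10.0.0.9 ()    Ports: 445/open/tcp//microsoft-ds//Windows Server 2019/, 3389/open/tcp//ms-wbt-server///    Ignored State: closed (998)
# Nmap done -- 2 IP addresses (2 hosts up) scanned
EOF
}

# Stand-alone demo: parse the constructed sample instead of a live scan.
demo_parse() {
  tmp=$(mktemp)
  sample_gnmap > "$tmp"
  parse_gnmap "$tmp"
  rm -f "$tmp"
}

if [ "${1:-}" = "demo" ]; then demo_parse; fi
```

`sh recon.sh demo` parses the embedded sample offline; `recon_domain example.com` (assuming the tools are installed and you are authorised to scan the target) does a live run. The parsed lines feed the later sections directly: hosts with port 80/443 go to WhatWeb, Nikto and Burp Suite, hosts with port 445 to Responder and CrackMapExec.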

Vulnerability Scanning

  1. Nessus - Comprehensive vulnerability scanner.

  2. OpenVAS - Open-source vulnerability scanner.

  3. Nikto - Web server scanner to find security issues.

  4. Wfuzz - Web fuzzer for brute-forcing directories, files, parameters, and form values.

  5. OWASP ZAP - Web application security scanner and proxy tool.

  6. Burp Suite - Web application vulnerability scanner and proxy tool.

  7. Arachni - Web application security scanner.

  8. Vega - A vulnerability scanner for web applications.

  9. Wapiti - A web application scanner that supports multiple attack vectors.

  10. Skipfish - A fast web application security scanner.

Exploitation

  1. Metasploit - Exploitation framework for developing and executing exploits.

  2. BeEF - Browser exploitation framework.

  3. SQLmap - Automated SQL injection and database takeover tool.

  4. MSFvenom - Payload generator and encoder.

  5. Ettercap - Man-in-the-middle attack tool.

  6. Responder - Tool for LLMNR, NBT-NS, and mDNS poisoning to capture NTLM credentials.

  7. Mimikatz - Post-exploitation tool to extract plaintext passwords, hashes, PIN codes, and Kerberos tickets from Windows memory.

  8. Empire - Post-exploitation framework.

  9. Hydra - Password brute-forcing tool.

  10. CrackMapExec - Post-exploitation tool for automating common tasks on Windows networks.

Wireless Networking

  1. Aircrack-ng - Wireless network security tools suite.

  2. Reaver - Brute-forces the WPS PIN of WPS-enabled access points to recover the WPA/WPA2 passphrase.

  3. Wifite - Wireless auditing tool for WPA and WEP.

  4. Kismet - Wireless network detector, sniffer, and IDS.

  5. Fluxion - Evil-twin attack tool that captures a WPA handshake, phishes the passphrase through a fake captive portal, and verifies it against the handshake.

  6. Wireshark - Network protocol analyzer for sniffing traffic.

Password Cracking

  1. John the Ripper - Password cracking tool.

  2. Hashcat - Advanced password cracking tool supporting various algorithms.

  3. Aircrack-ng - Cracks WEP keys and WPA/WPA2-PSK passphrases from captured handshakes.

  4. Cain & Abel - Password recovery tool for various protocols.

  5. RainbowCrack - Cracks hashes using pre-computed rainbow tables.
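
Before any of the crackers above can run, the hashes have to be collected in the right format. The following is an added example, not from the original page: a shell script that joins /etc/passwd with /etc/shadow the way John the Ripper's unshadow does, drops accounts with nothing to crack, and reports the hash type and hashcat -m mode of each remaining entry. The passwd and shadow lines are constructed sample data with dummy digests, not real hashes.

```sh
#!/bin/sh
# Added example, not from the original page: prepare Linux password hashes for
# John the Ripper and hashcat. Joins passwd with shadow like John's `unshadow`,
# drops locked ("!"), disabled ("*") and empty entries, and reports the hash
# type and hashcat -m mode per entry. The sample passwd/shadow lines below are
# constructed data with dummy digests, not real hashes.
set -eu

sample_passwd() {
  cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
svc:x:1002:1002:Service:/srv/svc:/usr/sbin/nologin
EOF
}

sample_shadow() {
  cat <<'EOF'
root:$6$saltsalt$DUMMYsha512cryptDIGESTroot:19700:0:99999:7:::
daemon:*:19700:0:99999:7:::
alice:$y$j9T$saltsalt$DUMMYyescryptDIGESTalice:19700:0:99999:7:::
bob:!$6$saltsalt$DUMMYsha512cryptDIGESTbob:19700:0:99999:7:::
svc:$1$saltsalt$DUMMYmd5cryptDIGEST:19700:0:99999:7:::
EOF
}

# unshadow_sh PASSWD SHADOW -> "user:hash" for every account with a usable hash.
# Reads shadow first (NR==FNR) into an array, then walks passwd in order.
unshadow_sh() {
  awk -F: '
    NR == FNR { shadow[$1] = $2; next }
    ($1 in shadow) {
      h = shadow[$1]
      if (h == "" || h ~ /^[!*]/) next   # locked, disabled or empty: nothing to crack
      print $1 ":" h
    }' "$2" "$1"
}

# hash_modes reads "user:hash" lines and prints "user type hashcat-mode".
# Modes: sha512crypt 1800, sha256crypt 7400, md5crypt 500, bcrypt 3200;
# yescrypt ($y$/$7$) has no hashcat mode and is left to John.
hash_modes() {
  awk -F: '
    {
      h = $2; p = substr(h, 1, 3)
      if      (p == "$6$") t = "sha512crypt 1800"
      else if (p == "$5$") t = "sha256crypt 7400"
      else if (p == "$1$") t = "md5crypt 500"
      else if (p == "$y$" || p == "$7$") t = "yescrypt none"
      else if (substr(h, 1, 2) == "$2") t = "bcrypt 3200"
      else t = "unknown none"
      print $1, t
    }'
}

# Stand-alone demo on the constructed sample instead of a real /etc/shadow.
demo_unshadow() {
  p=$(mktemp); s=$(mktemp)
  sample_passwd > "$p"; sample_shadow > "$s"
  unshadow_sh "$p" "$s"
  rm -f "$p" "$s"
}

if [ "${1:-}" = "demo" ]; then
  demo_unshadow | tee hashes.txt | hash_modes
  # Then, for example:
  #   john --wordlist=rockyou.txt hashes.txt
  #   hashcat --username -m 1800 -a 0 hashes.txt rockyou.txt
fi
```

John reads the user:hash lines as-is and auto-detects the format; hashcat needs --username to skip the user prefix and one -m per hash type, so split the file by type before running it. The demo on the sample data keeps root, alice and svc and drops daemon (disabled) and bob (locked).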

Post-Exploitation and Privilege Escalation

  1. LinPEAS - Linux privilege escalation audit script.

  2. Windows-Exploit-Suggester - Compares a host's patch level (from systeminfo output) against Microsoft's bulletin database to suggest missing patches and public privilege escalation exploits.

  3. PowerUp - PowerShell script for Windows privilege escalation.

  4. KernelExploits - Collection of known kernel exploits.

  5. Netcat - Bind and reverse shell listener/connector, also usable as a simple backdoor.

  6. PsExec - Windows tool to execute processes on remote systems.

  7. Lateral Movement Tools - Tools for moving from a compromised host to other hosts in the network (PsExec and CrackMapExec above are typical examples).

Web Application Testing

  1. Burp Suite - Web application proxy and vulnerability scanner.

  2. OWASP ZAP - Open-source web application security testing framework.

  3. Nikto - Web server scanner.

  4. Gobuster - Directory and subdomain brute-forcing tool.

  5. Ffuf - Fast web fuzzer for directories, files, parameters, and virtual hosts (via the Host header).

  6. Commix - Automated tool for testing and exploiting command injection vulnerabilities.

  7. XSSer - Tool to automate the testing of Cross-Site Scripting (XSS) vulnerabilities.

Miscellaneous

  1. Social Engineering Toolkit (SET) - A tool for automating social engineering attacks.

  2. Responder - Poisoning attack tool for network credentials.

  3. Ncat - A feature-packed networking tool for almost any task.

  4. Scapy - A powerful Python-based network packet manipulation tool.

  5. Tshark - Command-line network protocol analyzer.

  6. Recon-ng - Full-featured web reconnaissance framework.

  7. LinEnum - Linux enumeration script for post-exploitation.
