Pentesting Tools

Offensive security tools are used to discover/confirm the existence of security holes and test the ability of an organization to detect and respond to security incidents. Many offensive security tools are free or open-source.

DISCLAIMER Information provided on this site is intended to improve security for everyone. The use of some of the tools listed on this site without implicit permission from the target is probably illegal in your jurisdiction. There is no need to get arrested and go to prison doing something stupid. There are bug bounty programs and penetration testing jobs that pay well, with little risk of time in prison. Do not hack shit you do not have permission to hack!

Android Open Pwn https://www.pwnieexpress.com/blog/android-open-pwn-project – Hacking oriented Android distribution by Pwnie Express.

Bloodhound  https://github.com/BloodHoundAD/BloodHound/wiki – Once you have credentials, where do you go first? Bloodhound pulls data from Active Directory and visualizes privileged accounts and what they have access to.

Censyshttps://censys.io/ – Free site for searching a database of a large number of IPV4 devices connected to the Internet.

DNSCat2 – https://github.com/iagox86/dnscat2 – Tool that can create an encrypted tunnel over DNS for command and control uses.

ExploitDBhttps://www.exploit-db.com/ – Database of exploits.

Kali Linux https://www.kali.org/ – Kali Linux pentesting distribution.

Metasploithttp://www.metasploit.com/ – Metasploit pentesting framework.

Nmaphttps://nmap.org/ – Nmap port scanner.

OWASPhttps://www.owasp.org/ – The Open Web Application Security Project (OWASP)

PowerShell Empire – https://github.com/powershellempire/empire – PowerShell Post Exploitation agent.

The Penetration Testers Framework (PTF) – https://github.com/trustedsec/ptf – A tool created by David Kennedy that handles the install and updating of penetration testing tools in Linux. Useful for creating your own custom hacking distro.

Responder https://github.com/SpiderLabs/Responder – Responder is an awesome tool once you get in or for internal tests. It makes Windows networks rain passwords and password hashes.,

SecTools.org – http://sectools.org/ – SecTools.org (Nmap project) maintains a top 125 network security tools list.

Shodanhttps://www.shodan.io/ – Shodan scans the Internet and provides a searchable interface to the information collected.

Sqlmap – http://sqlmap.org/ – Tool that can find and exploit weaknesses within various SQL database platforms.

Veil Evasion – https://github.com/Veil-Framework/Veil-Evasion – The Veil Evasion framework does a lot of things, including creating payloads that aim to avoid AV detection.

Vulnhubhttps://www.vulnhub.com/ – Vulnhub provides intentionally vulnerable virtual machines to practice on.

Wall of Sheephttp://www.wallofsheep.com/ – Site that sells all kinds of hacking gadgets, lockpicks, RFID readers and etc. Very cool stuff.

WarBerryPi  https://github.com/secgroundzero/warberry – Scripts for running a number of security tools on the Raspberry Pi.