My Favorite Tools
Just a list of cool cybersec tools! The ones I use the most (or not) and the ones I discovered during my journey. Ordered by categories (kinda).
Reconnaissance & Enumeration
Scanning | Footprint | Discovery |
---|---|---|
Nmap (good old) | Recon-ng | Gobuster |
Rustscan | BlackWidow | ffuf |
NmapAutomator | CMSeeK | Sublist3r |
angryIP (angry scan) | Eyewitness | VhostScan |
Masscan | Recon (All in one) | SubFinder |
Shodan (the iot scanner) | ||
WpScan (WordPress favorite) | ||
DnsDumpster (dig on steroids!) | ||
Ahmia (dark web search) | ||
WHOIS (nothing beats basics) | ||
viewDns (whois++) |
Vulnerability scanners (For either professionals, lazy people, or both)
Free (for you and me) | Paid (If you got money) |
---|---|
Nikto (technically correct) | Acunetix |
RapidScan (Try it!) | Nessus (technically it’s not free) |
OpenVas | Nexpose (free trial) |
Vega |
Exploitation
Frameworks and payload generators | Common exploits |
---|---|
Metasploit (The unmatched) | Exploitdb (searchsploit) |
Getsploit (vulners) | SqlMap |
PentestMonkey (instant shell) | NosqlMap |
RevShells (shells of quality) | AttackerKB (information is power) |
P.A.T.T | commix |
Slowloris (Don’t) |
Web (specials)
Proxies | Frameworks and other scanners |
---|---|
BurpSuite (community edition) | Arachni |
OWASP ZAP (It’s from OWASP) | Golismero |
DnsTwist | Leviathan ( sadly DEPRECATED ) |
Caido.io |
Cloud (specials)
Windows (specials)
Specific services | Active Directory | Post-exploit |
---|---|---|
Enum4Linux | Kerbrute | Mimikatz (the looter) |
EvilWinRM | Impacket tools | |
CrackMapExec | ||
Bloodhound |
Android (specials)
Analysis | Attacks |
---|---|
MobSF | SARA (careful with this one) |
ApkTool (uses jadx) | backdoor-apk |
Adb | TheFatRat (obese rodent) |
Anbox (or any emulator for dynamic testing) | MsfVenom |
Zimperium tools (yeah…kinda) | |
Apkleaks | |
MARA | |
Drozer | |
Inspeckage | |
Quark | |
DeGuard |
Cryptography
Crackers | Hashes | Decoders |
---|---|---|
John (the ripper) | HashCat (a cat) | Dcode |
Hydra (the legacy) | CrackStation | Cyberchef |
SSHTrix (for ssh) | HashCrack | jwt |
Ciphey and Ares | Hashes.com | Boxentriq |
Hash analyzer | ||
md5hashing |
wordlist generators
Reverse Engineering / Binary exploitation
Disassembler Frameworks | Debuggers and Decompilers |
---|---|
IDA Pro (industry standard) | GDB (check PwnDbg, PEDA, gef and OllyDbg) |
Ghidra (pride of the NSA) | Cutter |
Radare2 | PwnTools (technically…) |
DogBolt (also check godbolt.org) |
Steganography
Embedded data and Text | Image Manipulation | Audio |
---|---|---|
steghide | StegSolve | Sonic Visualiser |
stegseek | StegoSuite | Audacity |
ExifTool (might work) | Gimp (PhotoShop or whatever) | Morse decoder |
PlainSight | Zbar-tools | |
FotoForensics | ||
ZSteg | ||
AperiSolve |
Wifi
- Wifite 2
- kismet
- Aircrack suite (the OG)
Privilege escalation
- Linenum
- GTFOBins (the ultimate)
- PEASS tools
- JAWS
Post-exploitation
Command and control (C2) | Persistence (Rootkits +++), pivot and more |
---|---|
Cobalt strike (industry standard) | Reptile |
PwnCat (another cat) | chisel |
Empire ([deprecated] check StarKiller) | |
Metasploit (yes, again!) | |
Covenant |
Social Engineering
- SET (number one)
- ThisPersonDoesNotExist (don’t misuse this one)
- NameFake (do not misuse it!)
OSINT
- OSINT Framework (it's a framework)
- OSINT techniques
- wigle (google maps for networks)
- Maltego (Feel like a Professional)
- WayBack machine (time travel powered by internet)
- IntelX
- SpiderFoot
- Sherlock (elementary)
- BBot
- fbi (might be dead)
Anonymity and Evasion
Forensics
Malware Analysis
- VirusTotal (too famous)
- Pithus (for android)
- VxUnderground (what is the password?)
Utilities (Browser extensions and such)
- FoxyProxy (you know this one)
- OneCompiler (underrated online compiler)
- Hack-tools (this one is cool)
- coding tools
- ua-switcher (custom ua)
- code beautify (does a lot more than that)
- search by image
- busybox (unix binaries for everyone)
- LolBas
- NirSoft (don’t ruin its reputation)
- FreeFormatter
- whatPortis
- GitTools
- extendsclass
Threat detection, network monitoring and remediation
- Splunk (If you understand it)
- MITRE ATT&CK
- Wireshark (the shark)
- GreyNoise
- sysinternals
- AttackerKB
My favorites (kek)
My most-used tools, which mostly define my typical process
- Utilities
  - Google (your best friend! I google a lot)
  - ngrok (Because IRL network setup is painful)
- Enumeration:
- Access (exploitation):
  - Meta-f*cking-sploit (expect it again)
  - SqlMap (will sql injection be obsolete in the future?)
- Post-Exploitation:
  - GTFObins (useful hindsights)
For Other challenges:
- Crypto: dcode, CrackStation, RapidTables converter…
- Forensics: volatility
For when I am lazy:
All-in-one and frameworks/Auto-Exploiters:
- Pentest-tools with their playground
- RapidScan
- VulnX
- HackingTool (this thing is a big bundle)
- AutoSploit
- XAttacker
- FSociety (to feel like Mr Robot)
- Monkey (I swear it’s their real name)
- Vulnnr (DEAD)
- Sn1per
- Jok3r
More tools (Moarrrr!)
Here is a list of places to find more tools:
- GitHub (a lot in here!); also check this repository, this one and this guy
- Kitploit
- BlackArch tools (Or any Pentest Linux distro tools)
- kali tools
- random medium article
- Linux security
- RawSec tools
- Also Google
There are also some shady places (mostly onion links) with mad awesome tools, but we are not going there. Also, if for any reason you want to do pentesting from a Windows machine (for whatever reason), you could look into PentestBox instead of downloading tools separately. But this is a bit old (2016) and tools are not updated regularly. WSL looks like a better option.
Do not feed the script kiddie in you. Tools are cool but knowledge is better! (But tools are cool though)