🛠️ Pentesting Arsenal
Professional-grade security tools for ethical hackers and penetration testers
🔍 Reconnaissance & Information Gathering

Nmap
The king of network discovery and security auditing. Essential for port scanning and service enumeration.
nmap -sS -sV -A target.com

Masscan
Ultra-fast port scanner capable of scanning the entire internet in under 6 minutes.
masscan -p1-65535 192.168.1.0/24 --rate=1000

Amass
Advanced subdomain enumeration tool that uses multiple data sources for comprehensive discovery.
amass enum -d example.com

theHarvester
Gathers emails, subdomains, hosts, employee names, and more from public sources.
theHarvester -d example.com -b google

Recon-ng
Full-featured reconnaissance framework with a modular design for web-based reconnaissance.
recon-ng -w workspace

DNSRecon
DNS enumeration tool with support for multiple DNS record types and zone transfers.
dnsrecon -d example.com -t axfr

Subfinder
Fast passive subdomain enumeration tool that queries multiple sources for comprehensive discovery.
subfinder -d example.com -silent

Nuclei
Fast vulnerability scanner that uses templates for comprehensive security testing.
nuclei -u https://example.com

Argus Scanner
Powerful network monitoring and audit tool for network flow analysis and security monitoring.
argus -d -e localhost -w argus.out

Kali-whoami
System information gathering tool for Kali Linux environments and user enumeration.
kali-whoami

🌐 Web Application Security
Burp Suite
Industry-standard web application security testing platform. Essential for every web pentest.
Professional web app proxy & scanner

OWASP ZAP
Free and open-source web application security scanner with automated and manual testing features.
zap-baseline.py -t http://example.com

SQLMap
Automatic SQL injection and database takeover tool with extensive DBMS support.
sqlmap -u "http://example.com/page?id=1" --dbs

Gobuster
Fast directory/file and DNS busting tool written in Go for web application discovery.
gobuster dir -u http://example.com -w /usr/share/wordlists/dirb/common.txt

Nikto
Web server scanner that tests for dangerous files, outdated server software, and server configuration issues.
nikto -h http://example.com

WPScan
WordPress security scanner that identifies security issues in WordPress installations.
wpscan --url http://example.com/

FFuF
Fast web fuzzer written in Go for high-performance directory and parameter discovery.
ffuf -w wordlist.txt -u http://example.com/FUZZ

Wfuzz
Web application fuzzer for brute forcing web applications and finding hidden content.
wfuzz -c -z file,wordlist.txt http://example.com/FUZZ

HTTPx
Fast, multi-purpose HTTP toolkit for running multiple probes, built on the retryablehttp library.
httpx -l domains.txt -title -tech-detect

Katana
Next-generation crawling and spidering framework for web applications with automation features.
katana -u https://example.com -jc

💥 Exploitation Frameworks
Metasploit
The world's most used penetration testing framework with an extensive exploit database.
msfconsole

Cobalt Strike
Commercial adversary simulation and red team operations platform.
Professional red team framework

ExploitDB
Archive of exploits and vulnerable software for penetration testers and vulnerability researchers.
searchsploit apache

🌐 Network Security
Wireshark
Network protocol analyzer for troubleshooting, analysis, software development, and education.
wireshark

Netcat
The Swiss Army knife of networking tools for reading and writing data across network connections.
nc -lvnp 4444

Aircrack-ng
Complete suite of tools to assess WiFi network security, with a focus on WEP and WPA/WPA2-PSK key recovery.
aircrack-ng -w wordlist.txt capture.cap

Hydra
Very fast network logon cracker supporting many different services and protocols.
hydra -l admin -P passwords.txt ssh://target.com

🎯 Post-Exploitation
Mimikatz
Extracts passwords, hashes, PIN codes and Kerberos tickets from memory on Windows systems.
sekurlsa::logonpasswords

BloodHound
Uses graph theory to reveal hidden relationships and attack paths in Active Directory environments.
SharpHound.exe -c All

LinPEAS
Linux Privilege Escalation Awesome Script that searches for possible paths to escalate privileges.
./linpeas.sh

WinPEAS
Windows Privilege Escalation Awesome Script that finds common misconfigurations.
winpeas.exe

🔍 Digital Forensics & Analysis
Autopsy
Digital forensics platform and graphical interface for analyzing hard drives and smartphones.
GUI-based digital forensics platform

Volatility
Advanced memory forensics framework for incident response and malware analysis.
vol.py -f memory.dmp windows.info

Binwalk
Firmware analysis tool for searching for and extracting embedded files and executable code.
binwalk -e firmware.bin

Ghidra
NSA's reverse engineering framework for malware analysis and vulnerability research.
Free NSA reverse engineering suite

Sleuth Kit
Collection of command-line tools for digital forensics investigations of disk images.
fls -r disk.img | grep -i suspicious

YARA
Pattern matching engine that lets malware researchers identify and classify malware samples.
yara rules.yar suspicious_file.exe

💿 Security-Focused OS
Kali Linux
Advanced penetration testing Linux distribution with 600+ pre-installed tools.
The gold standard for penetration testing

Parrot Security OS
Security-oriented operating system designed for penetration testing, vulnerability assessment, and digital forensics.
Lightweight alternative to Kali Linux

BlackArch Linux
Arch Linux-based penetration testing distribution with over 2800 tools.
pacman -S blackarch

Tails (The Amnesic Incognito Live System)
Privacy-focused live operating system that routes all traffic through Tor and leaves no traces.
Complete anonymity and privacy protection

Arch Linux
Lightweight and flexible Linux distribution ideal for custom security setups and advanced users.
pacman -S nmap wireshark metasploit

Linux Mint
User-friendly Ubuntu-based distribution that can be hardened for security testing and daily use.
apt install ufw fail2ban rkhunter

CAINE (Computer Aided INvestigative Environment)
Ubuntu-based digital forensics distribution with specialized tools for incident response.
Specialized digital forensics platform

Pentoo
Gentoo-based security distribution focused on penetration testing and security assessment.
emerge --ask security-tools

⚠️ Legal Notice
These tools are for educational and authorized testing purposes only. Always ensure you have explicit written permission before using these tools on any system or network. Unauthorized use is illegal and unethical.