Information Gathering
- acccheck
- ace-voip
- Amap
- Automater
-
bing-ip2hosts - braa
- Bro
- CaseFile
- CDPSnarf
- cisco-torch
- Cookie Cadger
- copy-router-config
- DMitry
- dnmap
- dnsenum
- dnsmap
- DNSRecon
- dnstracer
- dnswalk
- DotDotPwn
- enum4linux
- enumIAX
- exploitdb
- Fierce
- Firewalk
- flashlight
- fragroute
- fragrouter
- Ghost Phisher
- GoLismero
- goofile
- hping3
- HTTrack
- Insiderer
- InTrace
- Intrigue-core
- iptodomain
- iSMTP
- IVRE
- lbd
- Maltego
- Masscan
- MassMine
- Metagoofil
- Miranda
- Nmap
- ntop
- OSRFramework
- p0f
- Parsero
- Recon-ng
- SET
- smtp-user-enum
- snmpcheck
- Sn1per
- SPARTA
- SpiderFoot
- sslcaudit
- SSLsplit
- SSLstrip (SSLStrip+)
- SSLyze
- Sublist3r
- THC-IPV6
- theHarvester
- TLSSLed
- twofi
- URLCrazy
- WebXploiter
- wig
- Wireshark
- WOL-E
- Xplico
- ZMap
Vulnerability Analysis
- BBQSQL
- BED
- cisco-auditing-tool
- cisco-global-exploiter
- cisco-ocs
- cisco-torch
- copy-router-config
- DBPwAudit
- Doona
- DotDotPwn
- Greenbone Security Assistant
- GSD
- HexorBase
- Inguma
- jSQL Injection
- Lynis
- Nmap
- ohrwurm
- openvas-administrator
- openvas-cli
- openvas-manager
- openvas-scanner
- Oscanner
- Powerfuzzer
- sfuzz
- SidGuesser
- SIPArmyKnife
- sqlmap
- Sqlninja
- sqlsus
- THC-IPV6
- tnscmd10g
- unix-privesc-check
- Yersinia
Exploitation Tools
- Armitage
- Backdoor Factory
- BeEF
- cisco-auditing-tool
- cisco-global-exploiter
- cisco-ocs
- cisco-torch
- Commix
- crackle
- jboss-autopwn
- Linux Exploit Suggester
- Maltego
- Metasploit
- Router Scan by Stas'M
- SET
- ShellNoob
- sqlmap
- THC-IPV6
- WPSploit
- XPL SEARCH
- Yersinia
Wireless Attacks
- 3vilTwinAttacker
- Airbase-ng
- Aircrack-ng (Suite of Tools)
- Aircrack-ng (Tool)
- Aireplay-ng
- airgeddon
- Airmon-ng
- Airodump-ng
- Asleap
- AtEar
- Besside-ng
- Bluelog
- BlueMaho
- Bluepot
- BlueRanger
- Bluesnarfer
- BoopSuite
- Bully
- coWPAtty
- crackle
- create_ap
- eapmd5pass
- Easside-ng
- Fern Wifi Cracker
- Fluxion
- Ghost Phisher
- GISKismet
- Gqrx
- gr-scan
- hack-captive-portals
- HandShaker
- hcxdumptool
- hcxtools
- infernal-twin
- kalibrate-rtl
- KillerBee
- Kismet
- LANs.py
- linset
- Mana
- mdk3
- mdk4
- mfcuk
- mfoc
- mfterm
- mitmAP
- Multimon-NG
- Penetrator-WPS
- Pyrit
- PixieWPS
- Reaver (reaver-wps-fork-t6x)
- redfang
- Router Scan by Stas'M
- RTLSDR Scanner
- Spooftooph
- waidps
- Wash
- Wesside-ng
- Wifi Honey
- WiFi-autopwner
- wifijammer
- wifiphisher
- WiFi-Pumpkin
- Wifitap
- Wifite
- Wireless IDS
- WPA2-HalfHandshake-Crack
- zizzania
Forensics Tools
- arpwatch
- Bash Scanner
- Binwalk
- Bro
- bulk-extractor
- Capstone
- chntpw
- Cuckoo
- dc3dd
- ddrescue
- DFF
- diStorm3
- Dumpzilla
- extundelete
- Foremost
- Galleta
- Guymager
- iPhone Backup Analyzer
- p0f
- pdf-parser
- pdfid
- pdgmail
- peepdf
- RegRipper
- simple findbackdoor
- Volatility
- waidps
- Xplico
Web Applications
- apache-users
- Arachni
- BBQSQL
- BlindElephant
- Burp Suite
- CutyCapt
- DAVTest
- deblaze
- DIRB
- DirBuster
- fimap
- FunkLoad
- Grabber
- jboss-autopwn
- joomscan
- jSQL Injection
- Maltego
- Metasploit
- PadBuster
- Paros
- Parsero
- Plecost
- Powerfuzzer
- ProxyStrike
- Recon-ng
- Skipfish
- Sn1per
- sqlmap
- Sqlninja
- sqlsus
- Sublist3r
- ua-tester
- Uniscan
- Vega
- w3af (w3af_console)
- w3af (w3af_gui)
- WebScarab
- Webshag
- WebSlayer
- WebSploit
- wig
- Wfuzz
- WPScan
- WPSploit
- Xmlrpc brute
- XSSer
- zaproxy
Stress Testing
- DHCPig
- FunkLoad
- iaxflood
- Inundator
- inviteflood
- ipv6-toolkit
- mdk3
- Reaver (reaver-wps-fork-t6x)
- rtpflood
- SlowHTTPTest
- t50
- Termineter
- THC-IPV6
- THC-SSL-DOS
- wifijammer
Sniffing & Spoofing
- arpspoof
- Bettercap
- Burp Suite
- DNSChef
- dns2proxy
- Driftnet
- etter.conf
- Ettercap
- Ettercap_curses и Ettercap-pkexec
- ettercap-plugins
- Etterfilter
- Etterlog
- fiked
- hamster-sidejack
- HexInject
- iaxflood
- inviteflood
- iSMTP
- isr-evilgrade
- LANs.py
- Mana
- MITMf
- mitmproxy
- Net-Creds
- ohrwurm
- protos-sip
- rebind
- Responder
- rtpbreak
- rtpinsertsound
- rtpmixsound
- sctpscan
- SIPArmyKnife
- SIPp
- SIPVicious
- SniffJoke
- SSLsplit
- SSLstrip (SSLStrip+)
- THC-IPV6
- Urlsnarf
- VoIPHopper
- WebScarab
- Webspy
- Wifi Honey
- Wireshark
- xspy
- Yersinia
- zaproxy
Password Attacks
- acccheck
- BruteX
- Burp Suite
- CeWL
- chntpw
- cisco-auditing-tool
- CmosPwd
- CrackLord
- creddump
- crunch
- CUPP
- DBPwAudit
- findmyhash
- gpp-decrypt
- hashcat
- hashcat-utils
- hash-identifier
- HexorBase
- John the Ripper
- Johnny
- keimpx
- Maltego
- Maskprocessor
- Medusa
- multiforcer
- Ncrack
- oclgausscrack
-
oclHashcat - PACK
- patator
- phrasendrescher
- polenum
- RainbowCrack
- rcracki-mt
- RSMangler
- Sn1per
- SPARTA
- SQLdict
- Statsprocessor
- THC-Hydra
- THC-pptp-bruter
- TrueCrack
- WebScarab
- Xmlrpc brute
- zaproxy
- Списки слов (словари)
Maintaining Access
- CryptCat
- Cymothoa
- dbd
- dns2tcp
- http-tunnel
- HTTPTunnel
- Intersect
- Nishang
- polenum
- PowerSploit
- pwnat
- RidEnum
- sbd
- U3-Pwn
- Webshells
- Weevely
- Winexe
Hardware Hacking
- android-sdk
- apktool
- Appie
- Arduino
- dex2jar
- Sakis3G
- smali
Anonymity
- autovpn
- ProxyChains-NG
- TorIptables2
- Tor Messenger
Reverse Engineering
- apktool
- dex2jar
- diStorm3
- edb-debugger
- jad
- javasnoop
- JD-GUI
- OllyDbg
- Reverse
- smali
- Valgrind
- YARA
Reporting Tools
- CaseFile
- CutyCapt
- dos2unix
- Dradis
- KeepNote
- MagicTree
- Metagoofil
- Nipper-ng
- pipal
Vulnerable testing environments