Information Gathering
- acccheck
- ace-voip
- Amap
- arp-scan
- Automater
-
bing-ip2hosts - braa
- Bro
- CaseFile
- CDPSnarf
- cisco-torch
- Cookie Cadger
- copy-router-config
- DMitry
- dnmap
- dnsenum
- dnsmap
- DNSRecon
- dnstracer
- dnswalk
- DotDotPwn
- enum4linux
- enumIAX
- exploitdb
- Fierce
- Firewalk
- flashlight
- fragroute
- fragrouter
- Ghost Phisher
- GoLismero
- goofile
- hping3
- HTTrack
- Insiderer
- InTrace
- Intrigue-core
- iptodomain
- iSMTP
- IVRE
- lbd
- Maltego
- Masscan
- MassMine
- Metagoofil
- Miranda
- NetBIOS Share Scanner
- NBTscan
- nbtscan-unixwiz
- Nmap
- NMBscan
- ntop
- OSRFramework
- p0f
- Parsero
- Recon-ng
- SET
- smtp-user-enum
- snmpcheck
- Sn1per
- SPARTA
- SpiderFoot
- sslcaudit
- SSLsplit
- SSLstrip (SSLStrip+)
- SSLyze
- Sublist3r
- THC-IPV6
- theHarvester
- TLSSLed
- twofi
- URLCrazy
- WebXploiter
- wig
- Wireshark
- WOL-E
- Xplico
- ZMap
Vulnerability Analysis
- BBQSQL
- BED
- cisco-auditing-tool
- cisco-global-exploiter
- cisco-ocs
- cisco-torch
- copy-router-config
- DBPwAudit
- Doona
- DotDotPwn
- Greenbone Security Assistant
- GSD
- HexorBase
- Inguma
- jSQL Injection
- Lynis
- Nmap
- ohrwurm
- openvas-administrator
- openvas-cli
- openvas-manager
- openvas-scanner
- Oscanner
- Powerfuzzer
- sfuzz
- SidGuesser
- SIPArmyKnife
- sqlmap
- Sqlninja
- sqlsus
- THC-IPV6
- tnscmd10g
- unix-privesc-check
- Yersinia
Forensics Tools
Wireless Attacks
- 3vilTwinAttacker
- Airbase-ng
- Aircrack-ng (Suite of Tools)
- Aircrack-ng (Tool)
- Aireplay-ng
- airgeddon
- Airmon-ng
- Airodump-ng
- Asleap
- AtEar
- Besside-ng
- Bluelog
- BlueMaho
- Bluepot
- BlueRanger
- Bluesnarfer
- BoopSuite
- Bully
- coWPAtty
- crackle
- create_ap
- eapmd5pass
- Easside-ng
- Fern Wifi Cracker
- Fluxion
- Ghost Phisher
- GISKismet
- Gqrx
- gr-scan
- hack-captive-portals
- HandShaker
- hcxdumptool
- hcxtools
- infernal-twin
- kalibrate-rtl
- KillerBee
- Kismet
- LANs.py
- linset
- macchanger
- Mana
- mdk3
- mdk4
- mfcuk
- mfoc
- mfterm
- mitmAP
- Multimon-NG
- OneShot
- Penetrator-WPS
- Pyrit
- PixieWPS
- Reaver (reaver-wps-fork-t6x)
- redfang
- Router Scan by Stas'M
- RTLSDR Scanner
- Spooftooph
- trackerjacker
- waidps
- Wash
- Wesside-ng
- Wifi Honey
- WiFi-autopwner
- wifijammer
- wifiphisher
- WiFi-Pumpkin
- Wifitap
- Wifite
- Wireless IDS
- WPA2-HalfHandshake-Crack
- zizzania
Stress Testing
- DHCPig
- FunkLoad
- iaxflood
- Inundator
- inviteflood
- ipv6-toolkit
- mdk3
- Reaver (reaver-wps-fork-t6x)
- rtpflood
- SlowHTTPTest
- t50
- Termineter
- THC-IPV6
- THC-SSL-DOS
- wifijammer
Web Applications
- apache-users
- Arachni
- BBQSQL
- BlindElephant
- Burp Suite
- CutyCapt
- DAVTest
- deblaze
- DIRB
- DirBuster
- fimap
- FunkLoad
- Grabber
- jboss-autopwn
- joomscan
- jSQL Injection
- identYwaf
- Maltego
- Metasploit
- PadBuster
- Paros
- Parsero
- Plecost
- Powerfuzzer
- ProxyStrike
- Recon-ng
- Skipfish
- Sn1per
- sqlmap
- Sqlninja
- sqlsus
- Sublert
- Sublist3r
- ua-tester
- Uniscan
- Vega
- w3af (w3af_console)
- w3af (w3af_gui)
- WAFW00F
- WebScarab
- Webshag
- WebSlayer
- WebSploit
- wig
- Wfuzz
- WhatWaf
- WPScan
- WPSploit
- Xmlrpc brute
- XSSer
- zaproxy