List of all available categories of tools for penetration testing.
Category count: 49
Name | Description |
---|---|
anti-forensic | Packages that are used for countering forensic activities, including encryption, steganography, and anything that modifies files/file attributes. This also includes tools that work with anything in general that makes changes to a system for the purposes of hiding information. |
automation | Packages that are used for tool or workflow automation. |
automobile | Software for security audit of Controller Area Network and technologies related to vehicle safety. |
backdoor | Packages that exploit or open backdoors on already vulnerable systems. |
binary | Packages that operate on binary files in some form. |
bluetooth | Packages that exploit anything concerning the Bluetooth standard (802.15.1). |
code-audit | Packages that audit existing source code for vulnerability analysis. |
cracker | Packages used for cracking cryptographic functions, i.e. hashes. |
crypto | Packages that work with cryptography, with the exception of cracking. |
cryptography | Tools for auditing the security of cryptographic algorithms and technologies. |
database | Packages that involve database exploitations on any level. |
debugger | Packages that allow the user to view what a particular program is 'doing' in real time. |
decompiler | Packages that attempt to reverse a compiled program into source code. |
defensive | Packages that are used to protect a user from malware & attacks from other users. |
disassembler | This is similar to decompiler, and there will probably be a lot of programs that fall into both; however, these packages produce assembly output rather than the raw source code. |
distributives | Linux Distributions for penetration testing, computer forensics, focused on security and anonymity. |
dos | Packages that use DoS (Denial of Service) attacks. |
drone | Packages that are used for managing physically engineered drones. |
environments | Vulnerable OS, environments, software, web applications and websites. Their main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment. |
exploitation | Packages that take advantage of exploits in other programs or services. |
fingerprint | Packages that exploit fingerprint biometric equipment. |
firmware | Packages that exploit vulnerabilities in firmware. |
forensic | Packages that are used to find data on physical disks or embedded memory. |
fuzzer | Packages that use the fuzz testing principle, i.e. 'throwing' random inputs at the subject to see what happens. |
hardware | Packages that exploit or manage anything to do with physical hardware. |
honeypot | Packages that act as 'honeypots', i.e. programs that appear to be vulnerable services used to attract hackers into a trap. |
ids | An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any detected activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources, and uses alarm filtering techniques to distinguish malicious activity from false alarms. |
keylogger | Packages that record and retain keystrokes on another system. |
malware | Packages that count as any type of malicious software or malware detection. |
misc | Packages that don't particularly fit into any categories. |
mobile | Packages that manipulate mobile platforms. |
networking | Packages that involve IP networking. |
nfc | Packages that use NFC (near-field communication). |
packer | Packages that operate on or involve packers. Packers are programs that embed malware within other executables. |
proxy | Packages that act as a proxy, i.e. redirecting traffic through another node on the internet. |
radio | Tools for working with radio walkie-talkies. |
recon | Packages for information gathering and reconnaissance. |
reversing | This is an umbrella group for any decompiler, disassembler or any similar program. |
scanner | Packages that scan selected systems for vulnerabilities. |
sniffer | Packages that involve analyzing network traffic. |
social | Packages that primarily attack social networking sites. |
spoof | Packages that attempt to spoof the attacker, such that the attacker doesn't show up as an attacker to the victim. |
stego | Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video. Generally, the hidden messages appear to be (or be part of) something else: images, articles, shopping lists, or some other cover text. For example, the hidden message may be in invisible ink between the visible lines of a private letter. Some implementations of steganography that lack a shared secret are forms of security through obscurity, whereas key-dependent steganographic schemes adhere to Kerckhoffs's principle. The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages - no matter how unbreakable - arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message. Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. For example, a sender might start with an innocuous image file and adjust the color of every 100th pixel to correspond to a letter in the alphabet, a change so subtle that someone not specifically looking for it is unlikely to notice it. |
tunnel | Packages that are used to tunnel network traffic on a given network. |
unpacker | Packages that are used to extract pre-packed malware from an executable. |
voip | Packages that operate on VoIP programs and protocols. |
webapp | Packages that operate on internet-facing applications. |
windows | This group is for any native Windows package that runs via Wine. |
wireless | Packages that operate on wireless networks on any level. |