πŸ•΅οΈ
VeryLazyTech
πŸ“œ MediumπŸ›’ My ShopπŸ‘Ύ GithubπŸ“© Telegram πŸ“Ί YouTubeβœ– Twitter
  • πŸ•΅οΈWelcome!
    • VeryLazyTech
    • Support VeryLazyTech
      • πŸ‘Ύ GitHub
      • πŸ“œ Medium
      • β˜• My Shop
      • πŸ“Ί YouTube
      • βœ– Twitter
      • πŸ“© Telegram
  • πŸ›‘οΈ Vulnerabilities and Exploits
    • CVE - POC
      • Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692
      • POC - CVE-2024–4956 - Nexus Repository Manager 3 Unauthenticated Path Traversal
      • POC - CVE-2024-45241: Path Traversal in CentralSquare's CryWolf
      • Telerik Auth Bypass CVE-2024-4358
      • Check Point Security Gateways Information Disclosure - CVE-2024-24919
      • CVE-2024-23897 - Jenkins File Read Vulnerability
      • CVE-2024–10914- Command Injection Vulnerability in name parameter for D-Link NAS
      • POC - CVE-2024-21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE)
      • CVE-2024-9935 - PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary
      • CVE-2024-50623- Cleo Unrestricted file upload and download
      • POC - WordPress File Upload plugin, in the wfu_file_downloader.php file before version <= 4.24.11
      • POC - Remote and unauthenticated attacker can send crafted HTTP requests to RCE - cve-2025-3248
      • POCβ€Š-β€ŠCVE-2025–2539 File Away <= 3.9.9.0.1β€Š-β€ŠMissing Authorization to Unauthenticated Arbitrary File
      • POC - CVE-2025-29306 FOXCMS /images/index.html Code Execution Vulnerability
  • πŸ•΅οΈβ€β™‚οΈDorks
    • GitHub Dorks
    • Google Dork Online Tool
  • πŸ“š Resources
    • Top Hacking Books for 2024: FREE and Paid
    • How to Study for OSCP with the PWK Book PDF
    • Top 20 phishing tools to use in 2024
    • Top 8 Bug Bounty Books for 2025: Must-Reads for Ethical Hackers
    • Top Hacking Tools and Skills You Need to Learn in 2025
    • Offensive Cloud
    • Penetration Testing & Hacking Tools List
    • Top Cybersecurity Books by Topic
  • The Ultimate Penetration Testing Methodology (2025 Edition)
  • πŸ•ΈοΈPentesting Web
    • Client Side Template Injection (CSTI)
    • Identify a Server’s Origin IP
    • 2FA/MFA/OTP Bypass
  • IDOR
  • Open Redirect
  • Subdomain Takeover
  • Penetration Testing WiFi Networks
  • Client-Side Path Traversal
  • Clickjacking
  • Command Injection
  • JWT Vulnerabilities
  • Bypass rating limit
  • CORS - Misconfigurations & Bypass
  • LDAP Injection
  • File upload vulnerabilities
  • Content Security Policy (CSP) bypass
  • Brute Force - Services, web, local, tools & wordlists
  • 🐧Linux
    • Practical Linux Commands
    • Bypassing Bash Restrictions - Rbash
    • Privilege escalation - Linux
  • Linux Environment Variables
  • πŸͺŸWindows
    • Active Directory Methodology
    • Antivirus (AV) Bypass
  • 🌐Network Pentesting
    • FTP - Port 21
    • SSH- Port 22
    • Telnet - Port 23
    • SMTP/s - Port 25,465,587
    • WHOIS - Port 43
    • TACACS+ - Port 49
    • DNS - Port 53
    • TFTP/Bittorrent-tracker - Port 69/UDP
    • Finger - Port 79
    • Web - Port 80,443
    • Kerberos - Port 88
    • POP - Port 110/995
    • Portmapper - Port 111/TCP/UDP
    • Ident - Port 113
    • NTP - Port 123/UDP
    • MSRPC - Port 135, 539
    • NetBios - Port 137,138,139
    • SMB - Port 139 445
    • IMAP - Port 143, 993
    • SNMP - Ports 161, 162, 10161, and 10162/UDP
    • IRC - Ports 194,6667,6660-7000
    • Check Point Firewall - Port 264
    • LDAP - Ports 389, 636, 3268, 3269
    • IPsec/IKE VPN - Port 500/UDP
    • Modbus - Port 502
    • Rexec - Port 512
    • Rlogin - Port 513
    • Rsh - Port 514
    • Line Printer Daemon (LPD) - Port 515
    • Apple Filing Protocol (AFP) - PORT 548
    • RTSP - Port 554, 8554
    • IPMI - Port 623/UDP/TCP
    • Internet Printing Protocol (IPP) - Port 631
    • EPP - Port 700
    • Rsync - Port 873
    • Rusersd Service - Port 1026
    • Socks - Port 1080
    • Java RMI - RMI-IIOP - Port 1098/1099/1050
    • MSSQL (Microsoft SQL Server) - Port 1433
    • Oracle TNS Listener - Port 1521,1522-1529
  • PPTP - Port 1723
  • MQTT (Message Queuing Telemetry Transport) - Port 1883
  • Compaq HP Insight Manager - Port 2301, 2381
  • NFS Service - Port 2049
  • Docker - Port 2375,2376
  • Squid - Port 3128
  • iScsi - Port 3260
  • SAPRouter - Port 3299
  • 😎Post-exploitation
    • File Transfer Cheatsheet: Windows andΒ Linux
  • πŸ§‘β€πŸ”§Technical guides
    • Kali Linux - Installation
Powered by GitBook
On this page
  • Online Resources – Hacking Tools
  • Penetration Testing Resources
  • Exploit Development
  • OSINT Resources
  • Social Engineering Resources
  • Lock Picking Resources
  • Operating Systems
  • Hacking Tools
  • Penetration Testing Distributions
  • Docker for Penetration Testing
  • Multi-paradigm Frameworks
  • Vulnerability Scanners
  • Static Analyzers
  • Web Scanners
  • Network Tools
  • Wireless Network Hacking Tools
  • Transport Layer Security Tools
  • Web Exploitation
  • Hex Editors
  • File Format Analysis Tools
  • Defense Evasion Tools
  • Hash Cracking Hacking Tools
  • Windows Utilities
  • GNU/Linux Utilities
  • macOS Utilities
  • DDoS Tools
  • Social Engineering Tools
  • OSINT Tools
  • Anonymity Tools
  • Reverse Engineering Tools
  • Physical Access Tools
  • Side-channel Tools
  • CTF Tools
  • Penetration Testing Report Templates
  • Vulnerability Databases – Hacking Tools
  • Information Security Conferences – Hacking Tools
  • Information Security Magazines – Hacking Tools
  • Awesome Lists – Hacking Tools –

Was this helpful?

  1. πŸ“š Resources

Penetration Testing & Hacking Tools List

Support VeryLazyTech πŸŽ‰
  • Become VeryLazyTech member! 🎁

  • Follow us on:

    • βœ– Twitter @VeryLazyTech.

    • πŸ‘Ύ Github @VeryLazyTech.

    • πŸ“œ Medium @VeryLazyTech.

    • πŸ“Ί YouTube @VeryLazyTech.

    • πŸ“© Telegram @VeryLazyTech.

    • πŸ•΅οΈβ€β™‚οΈ My Site @VeryLazyTech.

  • Visit our shop for e-books and courses. πŸ“š

Online Resources – Hacking Tools

Penetration Testing Resources

  • Metasploit Unleashed – Free Offensive Security Metasploit course.

  • Penetration Testing Execution Standard (PTES) – Documentation designed to provide a common language and scope for performing and reporting the results of a penetration test.

  • Open Web Application Security Project (OWASP) – Worldwide not-for-profit charitable organization focused on improving the security of especially Web-based and Application-layer software.

  • PENTEST-WIKI – Free online security knowledge library for pentesters and researchers.

  • Penetration Testing Framework (PTF) – Outline for performing penetration tests compiled as a general framework usable by vulnerability analysts and penetration testers alike.

  • XSS-Payloads – Ultimate resource for all things cross-site including payloads, tools, games, and documentation.

  • Open Source Security Testing Methodology Manual (OSSTMM) – Framework for providing test cases that result in verified facts on which to base decisions that impact an organization’s security.

  • MITRE’s Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) – Curated knowledge base and model for cyber adversary behavior.

Exploit Development

  • Shellcode Tutorial – Tutorial on how to write shellcode.

  • Shellcode Examples – Shellcodes database.

  • Exploit Writing Tutorials – Tutorials on how to develop exploits.

OSINT Resources

  • OSINT Framework – Collection of various OSINT Hacking Tools broken out by category.

  • Intel Techniques – Collection of OSINT tools. The menu on the left can be used to navigate through the categories.

  • NetBootcamp OSINT Tools – Collection of OSINT links and custom Web interfaces to other services such as Facebook Graph Search and various paste sites.

  • WiGLE.net – Information about wireless networks worldwide, with user-friendly desktop and web applications.

Social Engineering Resources

  • Social Engineering Framework – the Information resource for social engineers.

Lock Picking Resources

  • Schuyler Towne channel – Lockpicking videos and security talks.

  • bosnianbill – More lockpicking videos.

  • /r/lockpicking – Resources for learning lockpicking, equipment recommendations.

Operating Systems

  • Security-related Operating Systems @ Rawsec – Penetration testing tools & Hacking Tools list Related Complete list of security operating systems.

  • Best Linux Penetration Testing Distributions @ CyberPunk – Description of main penetration testing distributions.

  • Security @ Distrowatch – Website dedicated to talking about, reviewing, and keeping up to date with open-source operating systems.

  • cuckoo – Open source automated malware analysis system.

  • Computer-Aided Investigative Environment (CAINE) – Italian GNU/Linux live distribution created as a digital forensics project.

  • Digital Evidence & Forensics Toolkit (DEFT) – Live CD for forensic analysis runnable without tampering or corrupting connected devices where the boot process takes place.

  • Tails – Live OS aimed at preserving privacy and anonymity.

Hacking Tools

Penetration Testing Distributions

  • Kali – GNU/Linux distribution designed for digital forensics and penetration testing Hacking Tools

  • ArchStrike – Arch GNU/Linux repository for security professionals and enthusiasts.

  • BlackArch – Arch GNU/Linux-based distribution with best Hacking Tools for penetration testers and security researchers.

  • Network Security Toolkit (NST) – Fedora-based bootable live operating system designed to provide easy access to best-of-breed open source network security applications.

  • Pentoo – Security-focused live CD based on Gentoo.

  • BackBox – Ubuntu-based distribution for penetration tests and security assessments.

  • Parrot – Distribution similar to Kali, with multiple architectures with 100 of Hacking Tools.

  • Buscador – GNU/Linux virtual machine that is pre-configured for online investigators.

  • Fedora Security Lab – provides a safe test environment to work on security auditing, forensics, system rescue, and teaching security testing methodologies.

  • The Pentesters Framework – Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that eliminates often unused toolchains.

  • AttifyOS – GNU/Linux distribution focused on tools useful during the Internet of Things (IoT) security assessments.

Docker for Penetration Testing

  • docker pull kalilinux/kali-linux-docker official Kali Linux

  • docker pull owasp/zap2docker-stable – official OWASP ZAP

  • docker pull wpscanteam/wpscan – official WPScan

  • docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA)

  • docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation

  • docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock

  • docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed

  • docker pull opendns/security-ninjas – Security Ninjas

  • docker pull diogomonica/docker-bench-security – Docker Bench for Security

  • docker pull ismisepaul/securityshepherd – OWASP Security Shepherd

  • docker pull danmx/docker-owasp-webgoat – OWASP WebGoat Project docker image

  • docker-compose build && docker-compose up – OWASP NodeGoat

  • docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application

  • docker pull bkimminich/juice-shop – OWASP Juice Shop

  • docker pull kalilinux/kali-linux-docker – Kali Linux Docker Image

  • docker pull phocean/msf – docker-Metasploit

Multi-paradigm Frameworks

  • Metasploit – post-exploitation Hacking Tools for offensive security teams to help verify vulnerabilities and manage security assessments.

  • Armitage – Java-based GUI front-end for the Metasploit Framework.

  • Faraday – Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits, and risk assessments.

  • ExploitPack – Graphical tool for automating penetration tests that ships with many pre-packaged exploits.

  • Pupy – Cross-platform (Windows, Linux, macOS, Android) remote administration and post-exploitation tool,

Vulnerability Scanners

  • Nexpose – Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.

  • Nessus – Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.

  • OpenVAS – Free software implementation of the popular Nessus vulnerability assessment system.

  • Vuls – Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go.

Static Analyzers

  • Brakeman – Static analysis security vulnerability scanner for Ruby on Rails applications.

  • cppcheck – Extensible C/C++ static analyzer focused on finding bugs.

  • FindBugs – Free software static analyzer to look for bugs in Java code.

  • sobelow – Security-focused static analysis for the Phoenix Framework.

  • bandit – Security oriented static analyzer for Python code.

Web Scanners

  • Nikto – Noisy but fast black box web server and web application vulnerability scanner.

  • Arachni – Scriptable framework for evaluating the security of web applications.

  • w3af – Hacking Tools for Web application attack and audit framework.

  • Wapiti – Black box web application vulnerability scanner with built-in fuzzer.

  • SecApps – In-browser web application security testing suite.

  • WebReaver – Commercial, graphical web application vulnerability scanner designed for macOS.

  • WPScan – Hacking Tools of the Black box WordPress vulnerability scanner.

  • cms-explorer – Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running.

  • joomscan – one of the best Hacking Tools for Joomla vulnerability scanner.

  • ACSTIS – Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

Network Tools

  • zmap – Open source network scanner that enables researchers to easily perform Internet-wide network studies.

  • nmap – Free security scanner for network exploration & security audits.

  • pig – one of the Hacking Tools forGNU/Linux packet crafting.

  • scanless – Utility for using websites to perform port scans on your behalf so as not to reveal your own IP.

  • tcpdump/libpcap – Common packet analyzer that runs under the command line.

  • Wireshark – Widely-used graphical, cross-platform network protocol analyzer.

  • Network-Tools.com – Website offering an interface to numerous basic network utilities like ping, traceroute, whois, and more.

  • netsniff-ng – Swiss army knife for network sniffing.

  • Intercepter-NG – Multifunctional network toolkit.

  • SPARTA – Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.

  • dnschef – Highly configurable DNS proxy for pentesters.

  • DNSDumpster – one of the Hacking Tools for Online DNS recon and search service.

  • CloudFail – Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.

  • dnsenum – Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack and then performs reverse look-ups on the results.

  • dnsmap – One of the Hacking Tools for Passive DNS network mapper.

  • dnsrecon – One of the Hacking Tools for DNS enumeration script.

  • dnstracer – Determines where a given DNS server gets its information from, and follows the chain of DNS servers.

  • passivedns-client – Library and query tool for querying several passive DNS providers.

  • passivedns – Network sniffer that logs all DNS server replies for use in a passive DNS setup.

  • Mass Scan – best Hacking Tools for TCP port scanner, spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes.

  • Zarp – Network attack tool centered around the exploitation of local networks.

  • mitmproxy – Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

  • Morpheus – Automated ettercap TCP/IP Hacking Tools .

  • mallory – HTTP/HTTPS proxy over SSH.

  • SSH MITM – Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.

  • Netzob – Reverse engineering, traffic generation and fuzzing of communication protocols.

  • DET – Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.

  • pwnat – Punches holes in firewalls and NATs.

  • dsniff – Collection of tools for network auditing and pentesting.

  • tgcd – Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.

  • smbmap – Handy SMB enumeration tool.

  • scapy – Python-based interactive packet manipulation program & library.

  • Dshell – Network forensic analysis framework.

  • Debookee – Simple and powerful network traffic analyzer for macOS.

  • Dripcap – Caffeinated packet analyzer.

  • Printer Exploitation Toolkit (PRET) – Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.

  • Praeda – Automated multi-function printer data harvester for gathering usable data during security assessments.

  • routersploit – Open source exploitation framework similar to Metasploit but dedicated to embedded devices.

  • evilgrade – Modular framework to take advantage of poor upgrade implementations by injecting fake updates.

  • XRay – Network (sub)domain discovery and reconnaissance automation tool.

  • Ettercap – Comprehensive, mature suite for machine-in-the-middle attacks.

  • BetterCAP – Modular, portable and easily extensible MITM framework.

  • CrackMapExec – A swiss army knife for pentesting networks.

  • impacket – A collection of Python classes for working with network protocols.

Wireless Network Hacking Tools

  • Aircrack-ng – Set of Penetration testing & Hacking Tools list for auditing wireless networks.

  • Kismet – Wireless network detector, sniffer, and IDS.

  • Reaver – Brute force attack against Wifi Protected Setup.

  • Wifite – Automated wireless attack tool.

  • Fluxion – Suite of automated social engineering-based WPA attacks.

Transport Layer Security Tools

  • SSLyze – Fast and comprehensive TLS/SSL configuration analyzer to help identify security misconfigurations.

  • tls_prober – Fingerprint a server’s SSL/TLS implementation.

  • testssl.sh – Command-line tool which checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.

Web Exploitation

  • OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.

  • Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools.

  • Burp Suite – One of the Hacking Tools ntegrated platform for performing security testing of web applications.

  • autochrome – Easy to install a test browser with all the appropriate settings needed for web application testing with native Burp support, from NCCGroup.

  • Browser Exploitation Framework (BeEF) – Command and control server for delivering exploits to commandeered Web browsers.

  • Offensive Web Testing Framework (OWTF) – Python-based framework for pentesting Web applications based on the OWASP Testing Guide.

  • WordPress Exploit Framework – Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.

  • WPSploit – Exploit WordPress-powered websites with Metasploit.

  • SQLmap – Automatic SQL injection and database takeover tool.

  • tplmap – Automatic server-side template injection and Web server takeover Hacking Tools.

  • weevely3 – Weaponized web shell.

  • Wappalyzer – Wappalyzer uncovers the technologies used on websites.

  • WhatWeb – Website fingerprinter.

  • BlindElephant – Web application fingerprinter.

  • wafw00f – Identifies and fingerprints Web Application Firewall (WAF) products.

  • fimap – Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs.

  • Kadabra – Automatic LFI exploiter and scanner.

  • Kadimus – LFI scan and exploit tool.

  • liffy – LFI exploitation tool.

  • Commix – Automated all-in-one operating system command injection and exploitation tool.

  • DVCS Ripper – Rip web-accessible (distributed) version control systems: SVN/GIT/HG/BZR.

  • GitTools – One of the Hacking Tools that Automatically find and download Web-accessible .git repositories.

  • sslstrip – One of the Hacking Tools Demonstration of the HTTPS stripping attacks.

  • sslstrip2 – SSLStrip version to defeat HSTS.

  • NoSQLmap – Automatic NoSQL injection and database takeover tool.

  • VHostScan – A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases, and dynamic default pages.

  • FuzzDB – Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

  • EyeWitness – Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible.

  • webscreenshot – A simple script to take screenshots of the list of websites.

Hex Editors

  • HexEdit.js – Browser-based hex editing.

  • Hexinator – World’s finest (proprietary, commercial) Hex Editor.

  • Frhed – Binary file editor for Windows.

  • 0xED – Native macOS hex editor that supports plug-ins to display custom data types.

File Format Analysis Tools

  • Kaitai Struct – File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.

  • Veles – Binary data visualization and analysis tool.

  • Hachoir – Python library to view and edit a binary stream as the tree of fields and tools for metadata extraction.

Defense Evasion Tools

  • Veil – Generate Metasploit payloads that bypass common anti-virus solutions.

  • shellsploit – Generates custom shellcode, backdoors, injectors, optionally obfuscates every byte via encoders.

  • Hyperion – Runtime encryptor for 32-bit portable executables (β€œPE .exes”).

  • AntiVirus Evasion Tool (AVET) – Post-process exploits containing executable files targeted for Windows machines to avoid being recognized by antivirus software.

  • peCloak.py – Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.

  • peCloakCapstone – Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.

  • UniByAv – Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forcable, 32-bit XOR key.

Hash Cracking Hacking Tools

  • John the Ripper – One of the best Hacking Tools for Fast password cracker.

  • Hashcat – Another One of the Hacking Tools The more fast hash cracker.

  • CeWL – Generates custom wordlists by spidering a target’s website and collecting unique words.

  • JWT Cracker – Simple HS256 JWT token brute force cracker.

  • Rar Crack – RAR brute force cracker.

  • BruteForce Wallet – Find the password of an encrypted wallet file (i.e. wallet.dat).

Windows Utilities

  • Sysinternals Suite – The Sysinternals Troubleshooting Utilities.

  • Windows Credentials Editor – Inspect logon sessions and add, change, list, and delete associated credentials, including Kerberos tickets.

  • mimikatz – Credentials extraction tool for Windows operating system.

  • PowerSploit – PowerShell Post-Exploitation Framework.

  • Windows Exploit Suggester – Detects potential missing patches on the target.

  • Responder – LLMNR, NBT-NS and MDNS poisoner.

  • Bloodhound – Graphical Active Directory trust relationship explorer.

  • Empire – Pure PowerShell post-exploitation agent.

  • Fibratus – Tool for exploration and tracing of the Windows kernel.

  • wePWNise – Generates architecture-independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.

  • redsnarf – Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers, and domain controllers.

  • Magic Unicorn – Shellcode generator for numerous attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA), or certutil (using fake certificates).

  • DeathStar – Python script that uses Empire’s RESTful API to automate gaining Domain Admin rights in Active Directory environments.

GNU/Linux Utilities

  • Linux Exploit Suggester – Heuristic reporting on potentially viable exploits for a given GNU/Linux system.

macOS Utilities

  • Bella – Pure Python post-exploitation data mining and remote administration tool for macOS.

DDoS Tools

  • LOIC – Open source network stress tool for Windows.

  • JS LOIC – JavaScript in-browser version of LOIC.

  • SlowLoris – DoS tool that uses low bandwidth on the attacking side.

  • HOIC – Updated version of Low Orbit Ion Cannon, has β€˜boosters’ to get around common countermeasures.

  • T50 – Faster network stress tool.

  • UFONet – Abuses OSI layer 7 HTTP to create/manage β€˜zombies’ and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Social Engineering Tools

  • Social Engineer Toolkit (SET) – Open source pentesting framework designed for social engineering featuring a number of custom attack vectors to make believable attacks quickly.

  • King Phisher – One of the Hacking Tools for Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.

  • Evilginx – MITM attack framework used for phishing credentials and session cookies from any Web service.

  • wifiphisher – Automated phishing attacks against WiFi networks.

  • Catphish – Tool for phishing and corporate espionage written in Ruby.

  • Beelogger – Tool for generating keyloggers.

OSINT Tools

  • Maltego – One of the Hacking Tools and Proprietary software for open-source intelligence and forensics, from Paterva.

  • theHarvester – E-mail, subdomain, and people names harvester.

  • creepy – Geolocation OSINT tool.

  • metagoofil – Metadata harvester.

  • Google Hacking Database – Database of Google dorks; can be used for recon.

  • Google-dorks – Common Google dorks and others you probably don’t know.

  • GooDork – Command-line Google Dorking tool.

  • dork-cli – Command-line Google dork tool.

  • Censys – collects data on hosts and websites through daily ZMap and ZGrab scans.

  • Shodan – World’s first search engine for Internet-connected devices.

  • recon-ng – One of the Hacking Tools Full-featured Web Reconnaissance framework written in Python.

  • github-dorks – CLI tool to scan Github Repos/organizations for potential sensitive information leak.

  • vcsmap – Plugin-based tool to scan public version control systems for sensitive information.

  • Spiderfoot – Multi-source OSINT automation tool with a Web UI and report visualizations

  • BinGoo – GNU/Linux bash based Bing and Google Dorking Tool.

  • fast-recon – Perform Google dorks against a domain.

  • snitch – Information gathering via dorks.

  • Sn1per – one of the Hacking Tools for Automated Pentest Recon Scanner.

  • Threat Crowd – Search engine for threats.

  • Virus Total – VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.

  • DataSploit – OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.

  • AQUATONE – Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.

  • Intrigue – Automated OSINT & Attack Surface discovery framework with powerful API, UI, and CLI.

  • ZoomEye – Search engine for cyberspace that lets the user find specific network components.

Anonymity Tools

  • Tor – Free software and onion routed overlay network that helps you defend against traffic analysis.

  • OnionScan – One of the Hacking Tools for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators.

  • I2P – The Invisible Internet Project.

  • Nipe – Script to redirect all traffic from the machine to the Tor network.

  • What Every Browser Knows About You – Comprehensive detection page to test your own Web browser’s configuration for privacy and identity leaks.

Reverse Engineering Tools

  • Interactive Disassembler (IDA Pro) – Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free.

  • WDK/WinDbg – Windows Driver Kit and WinDbg.

  • OllyDbg – x86 debugger for Windows binaries that emphasizes binary code analysis.

  • Radare2 – Open source, cross-platform reverse engineering framework.

  • x64dbg – Open source x64/x32 debugger for windows.

  • Immunity Debugger – Powerful way to write exploits and analyze malware.

  • Evan’s Debugger – OllyDbg-like debugger for GNU/Linux.

  • Medusa – Open source, cross-platform interactive disassembler.

  • plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.

  • peda – Python Exploit Development Assistance for GDB.

  • dnSpy – one of the Hacking Tools to reverse engineer .NET assemblies.

  • binwalk – Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.

  • PyREBox – Python scriptable Reverse Engineering sandbox by Cisco-Talos.

  • Voltron – Extensible debugger UI toolkit written in Python.

  • Capstone – lightweight multi-platform, multi-architecture disassembly framework.

  • rVMI – Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.

  • Frida – Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

Physical Access Tools

  • LAN Turtle – Covert β€œUSB Ethernet Adapter” that provides remote access, network intelligence gathering, and MITM capabilities when installed in a local network.

  • USB Rubber Ducky – Customizable keystroke injection attack platform masquerading as a USB thumb drive.

  • Poisontap – Siphons cookies, exposes internal (LAN-side) router and installs web backdoor on locked computers.

  • WiFi Pineapple – Wireless auditing and penetration testing platform.

  • Proxmark3 – RFID/NFC cloning, replay, and spoofing toolkit often used for analyzing and attacking proximity cards/readers, wireless keys/keyfobs, and more.

Side-channel Tools

  • ChipWhisperer – Complete open-source toolchain for side-channel power analysis and glitching attacks.

CTF Tools

  • ctf-tools – Collection of setup scripts to install various security research tools easily and quickly deployable to new machines.

  • Pwntools – Rapid exploit development framework built for use in CTFs.

  • RsaCtfTool – Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks.

Penetration Testing Report Templates

  • Public Pentesting Reports – Curated list of public penetration test reports released by several consulting firms and academic security groups.

  • Pentesting Report Template – testandverification.com template.

  • Pentesting Report Template – hitachi-systems-security.com template.

  • Pentesting Report Template – lucideus.com template.

  • Pentesting Report Template – crest-approved.org template.

  • Pentesting Report Template – pcisecuritystandards.org template.

Vulnerability Databases – Hacking Tools

  • Common Vulnerabilities and Exposures (CVE) – Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities.

  • National Vulnerability Database (NVD) – United States government’s National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.

  • US-CERT Vulnerability Notes Database – Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).

  • Full-Disclosure – Public, vendor-neutral forum for a detailed discussion of vulnerabilities, often publishes details before many other sources.

  • Bugtraq (BID) – Software security bug identification database compiled from submissions to the SecurityFocus mailing Penetration testing tools list and other sources, operated by Symantec, Inc.

  • Exploit-DB – Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.

  • Microsoft Security Bulletins – Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC).

  • Microsoft Security Advisories – Archive of security advisories impacting Microsoft software.

  • Mozilla Foundation Security Advisories – Archive of security advisories impacting Mozilla software, including the Firefox Web Browser.

  • Packet Storm – Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.

  • CXSecurity – Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.

  • SecuriTeam – Independent source of software vulnerability information.

  • Vulnerability Lab – Open forum for security advisories organized by category of exploit target.

  • Zero Day Initiative – Bug bounty program with the publicly accessible archive of published security advisories, operated by TippingPoint.

  • Vulners – Security database of software vulnerabilities.

  • Inj3ct0r (Onion service) – Exploit marketplace and vulnerability, information aggregator.

  • Open Source Vulnerability Database (OSVDB) – Historical archive of security vulnerabilities in computerized equipment, no longer adding to its vulnerability database as of April, 2016.Hacking Tools

  • HPI-VDB – Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam.Hacking Tools

Information Security Conferences – Hacking Tools

  • DEF CON – annual hacker convention in Las Vegas.

  • Black Hat – Annual security conference in Las Vegas.

  • BSides – Framework for organizing and holding security conferences.

  • CCC – Annual meeting of the international hacker scene in Germany.

  • DerbyCon – Annual hacker conference based in Louisville.

  • PhreakNIC – Technology conference held annually in middle Tennessee.

  • ShmooCon – Annual US East coast hacker convention.

  • CarolinaCon – Infosec conference, held annually in North Carolina.

  • CHCon – Christchurch Hacker Con, Only South Island of New Zealand hacker con.

  • SummerCon – One of the oldest hacker conventions, held during Summer.

  • Hack.lu – Annual conference held in Luxembourg.

  • Hackfest – Largest hacking conference in Canada.

  • HITB – Deep-knowledge security conference held in Malaysia and The Netherlands.

  • Troopers – Annual international IT Security event with workshops held in Heidelberg, Germany.

  • Hack3rCon – Annual US hacker conference.

  • ThotCon – Annual US hacker conference held in Chicago.

  • LayerOne – Annual US security conference held every spring in Los Angeles.

  • DeepSec – Security Conference in Vienna, Austria.

  • SkyDogCon – Technology conference in Nashville.

  • SECUINSIDE – Security Conference in Seoul.

  • DefCamp – Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania.

  • AppSecUSA – Annual conference organized by OWASP.

  • BruCON – Annual security conference in Belgium.

  • Infosecurity Europe – Europe’s number one information security event, held in London, UK.

  • Nullcon – Annual conference in Delhi and Goa, India.

  • RSA Conference USA – Annual security conference in San Francisco, California, USA.

  • Swiss Cyber Storm – Annual security conference in Lucerne, Switzerland.

  • Virus Bulletin Conference – Annual conference going to be held in Denver, the USA for 2016.

  • Ekoparty – Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina.

  • 44Con – Annual Security Conference held in London.

  • BalCCon – Balkan Computer Congress, annually held in Novi Sad, Serbia.

  • FSec – FSec – Croatian Information Security Gathering in VaraΕΎdin, Croatia.

Information Security Magazines – Hacking Tools

  • 2600: The Hacker Quarterly – American publication about technology and computer β€œunderground.”

  • Phrack Magazine – By far the longest-running hacker zine.

Awesome Lists – Hacking Tools –

  • Kali Linux Tools – List of Hacking tools present in Kali Linux.

  • SecTools – Top 125 Network Security Hacking Tools.

  • Pentest Cheat Sheets – Awesome Pentest Cheat Sheets.

  • C/C++ Programming – One of the main language for open source security tools.

  • .NET Programming – Software framework for Microsoft Windows platform development.

  • Shell Scripting – Command-line frameworks, toolkits, guides, and gizmos.

  • Ruby Programming by @dreikanter – The de-facto language for writing exploits.

  • Ruby Programming by @markets – The de-facto language for writing exploits.

  • Ruby Programming by @Sdogruyol – The de-facto language for writing exploits.

  • JavaScript Programming – In-browser development and scripting.

  • Node.js Programming by @sindresorhus – Curated list of delightful Node.js packages and resources.

  • Python tools for penetration testers – Lots of pentesting tools are written in Python.

  • Python Programming by @svaksha – General Python programming.

  • Python Programming by @vinta – General Python programming.

  • Android Security – Collection of Android security-related resources.

  • Awesome Awesomness – The List of the Lists.

  • AppSec – Resources for learning about application security.

  • CTFs – Capture The Flag frameworks, libraries, etc.

  • InfoSec Β§ Hacking challenges – Comprehensive directory of CTFs, wargames, hacking challenge websites, Penetration testing tools list practice lab exercises, and more.

  • Hacking – Tutorials, tools, and resources.

  • Honeypots – Honeypots, tools, components, and more.

  • Infosec – Information security resources for pentesting, forensics, and more.

  • Forensics – Free (mostly open-source) forensic analysis tools and resources.

  • Malware Analysis – Tools and resources for analysts.

  • PCAP Tools – Tools for processing network traffic.

  • Security – Software, libraries, documents, and other resources.

  • Awesome Lockpicking – Awesome guides, tools, and other resources about the security and compromise of locks, safes, and keys.

  • SecLists – Collection of multiple types of lists used during security assessments.

  • Security Talks – Curated list of security conferences.

  • OSINT – Awesome OSINT list containing great resources.

  • YARA – YARA rules, tools, and people.

Learn & practice For the OSCP.

Support VeryLazyTech πŸŽ‰
  • Become VeryLazyTech member! 🎁

  • Follow us on:

    • βœ– Twitter @VeryLazyTech.

    • πŸ‘Ύ Github @VeryLazyTech.

    • πŸ“œ Medium @VeryLazyTech.

    • πŸ“Ί YouTube @VeryLazyTech.

    • πŸ“© Telegram @VeryLazyTech.

    • πŸ•΅οΈβ€β™‚οΈ My Site @VeryLazyTech.

  • Visit our shop for e-books and courses. πŸ“š

PreviousTop Hacking Tools and Skills You Need to Learn in 2025NextTop Cybersecurity Books by Topic

Last updated 2 months ago

Was this helpful?