Penetration Testing & Hacking Tools List
Metasploit Unleashed – Free Offensive Security Metasploit course.
– Documentation designed to provide a common language and scope for performing and reporting the results of a penetration test.
– Worldwide not-for-profit charitable organization focused on improving the security of especially Web-based and Application-layer software.
– Free online security knowledge library for pentesters and researchers.
– Outline for performing penetration tests compiled as a general framework usable by vulnerability analysts and penetration testers alike.
– Ultimate resource for all things cross-site including payloads, tools, games, and documentation.
– Framework for providing test cases that result in verified facts on which to base decisions that impact an organization's security.
– Curated knowledge base and model for cyber adversary behavior.
– Tutorial on how to write shellcode.
– Shellcodes database.
– Tutorials on how to develop exploits.
– Collection of various OSINT Hacking Tools broken out by category.
– Collection of OSINT tools. The menu on the left can be used to navigate through the categories.
– Collection of OSINT links and custom Web interfaces to other services such as and .
– Information about wireless networks worldwide, with user-friendly desktop and web applications.
– The information resource for social engineers.
– Lockpicking videos and security talks.
– More lockpicking videos.
– Resources for learning lockpicking, equipment recommendations.
– Complete list of security-related operating systems.
– Description of main penetration testing distributions.
– Website dedicated to talking about, reviewing, and keeping up to date with open-source operating systems.
– Open source automated malware analysis system.
– Italian GNU/Linux live distribution created as a digital forensics project.
– Live CD for forensic analysis runnable without tampering or corrupting connected devices where the boot process takes place.
– Live OS aimed at preserving privacy and anonymity.
– GNU/Linux distribution designed for digital forensics and penetration testing.
– Arch GNU/Linux repository for security professionals and enthusiasts.
– Arch GNU/Linux-based distribution with tools for penetration testers and security researchers.
– Fedora-based bootable live operating system designed to provide easy access to best-of-breed open source network security applications.
– Security-focused live CD based on Gentoo.
– Ubuntu-based distribution for penetration tests and security assessments.
– Distribution similar to Kali, with multiple architectures with 100 of Hacking Tools.
– GNU/Linux virtual machine that is pre-configured for online investigators.
– Provides a safe test environment to work on security auditing, forensics, system rescue, and teaching security testing methodologies.
– Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that eliminates often unused toolchains.
– GNU/Linux distribution focused on tools useful during the Internet of Things (IoT) security assessments.
docker pull kalilinux/kali-linux-docker
docker pull owasp/zap2docker-stable
docker pull wpscanteam/wpscan
docker pull citizenstig/dvwa
docker pull wpscanteam/vulnerablewordpress
docker pull hmlio/vaas-cve-2014-6271
docker pull hmlio/vaas-cve-2014-0160
docker pull opendns/security-ninjas
docker pull diogomonica/docker-bench-security
docker pull ismisepaul/securityshepherd
docker pull danmx/docker-owasp-webgoat
docker-compose build && docker-compose up
docker pull citizenstig/nowasp
docker pull bkimminich/juice-shop
docker pull kalilinux/kali-linux-docker
docker pull phocean/msf
– Post-exploitation hacking tools for offensive security teams to help verify vulnerabilities and manage security assessments.
– Java-based GUI front-end for the Metasploit Framework.
– Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits, and risk assessments.
– Graphical tool for automating penetration tests that ships with many pre-packaged exploits.
– Cross-platform (Windows, Linux, macOS, Android) remote administration and post-exploitation tool,
– Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.
– Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.
– Free software implementation of the popular Nessus vulnerability assessment system.
– Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go.
– Static analysis security vulnerability scanner for Ruby on Rails applications.
– Extensible C/C++ static analyzer focused on finding bugs.
– Free software static analyzer to look for bugs in Java code.
– Security-focused static analysis for the Phoenix Framework.
– Security oriented static analyzer for Python code.
– Noisy but fast black box web server and web application vulnerability scanner.
– Scriptable framework for evaluating the security of web applications.
– Web application attack and audit framework.
– Black box web application vulnerability scanner with built-in fuzzer.
– In-browser web application security testing suite.
– Commercial, graphical web application vulnerability scanner designed for macOS.
– Black box WordPress vulnerability scanner.
– Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running.
– Joomla vulnerability scanner.
– Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
– Open source network scanner that enables researchers to easily perform Internet-wide network studies.
– Free security scanner for network exploration & security audits.
– GNU/Linux packet crafting tool.
– Utility for using websites to perform port scans on your behalf so as not to reveal your own IP.
– Common packet analyzer that runs under the command line.
– Widely-used graphical, cross-platform network protocol analyzer.
– Website offering an interface to numerous basic network utilities like ping, traceroute, whois, and more.
– Swiss army knife for network sniffing.
– Multifunctional network toolkit.
– Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.
– Highly configurable DNS proxy for pentesters.
– Online DNS recon and search service.
– Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
– Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack and then performs reverse look-ups on the results.
– Passive DNS network mapper.
– DNS enumeration script.
– Determines where a given DNS server gets its information from, and follows the chain of DNS servers.
– Library and query tool for querying several passive DNS providers.
– Network sniffer that logs all DNS server replies for use in a passive DNS setup.
– TCP port scanner, spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes.
– Network attack tool centered around the exploitation of local networks.
– Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
– Automated ettercap TCP/IP Hacking Tools.
– HTTP/HTTPS proxy over SSH.
– Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.
– Reverse engineering, traffic generation and fuzzing of communication protocols.
– Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.
– Punches holes in firewalls and NATs.
– Collection of tools for network auditing and pentesting.
– Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.
– Handy SMB enumeration tool.
– Python-based interactive packet manipulation program & library.
– Network forensic analysis framework.
– Simple and powerful network traffic analyzer for macOS.
– Caffeinated packet analyzer.
– Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.
– Automated multi-function printer data harvester for gathering usable data during security assessments.
– Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
– Modular framework to take advantage of poor upgrade implementations by injecting fake updates.
– Network (sub)domain discovery and reconnaissance automation tool.
– Comprehensive, mature suite for machine-in-the-middle attacks.
– Modular, portable and easily extensible MITM framework.
– A Swiss army knife for pentesting networks.
– A collection of Python classes for working with network protocols.
– Set of tools for auditing wireless networks.
– Wireless network detector, sniffer, and IDS.
– Brute force attack against Wifi Protected Setup.
– Automated wireless attack tool.
– Suite of automated social engineering-based WPA attacks.
– Fast and comprehensive TLS/SSL configuration analyzer to help identify security misconfigurations.
– Fingerprint a server's SSL/TLS implementation.
– Command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.
– Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
– Free cross-platform web debugging proxy with user-friendly companion tools.
– Integrated platform for performing security testing of web applications.
– Easy-to-install test browser with all the appropriate settings needed for web application testing with native Burp support, from NCCGroup.
– Command and control server for delivering exploits to commandeered Web browsers.
– Python-based framework for pentesting Web applications based on the OWASP Testing Guide.
– Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
– Exploit WordPress-powered websites with Metasploit.
– Automatic SQL injection and database takeover tool.
– Automatic server-side template injection and Web server takeover tool.
– Weaponized web shell.
– Wappalyzer uncovers the technologies used on websites.
– Website fingerprinter.
– Web application fingerprinter.
– Identifies and fingerprints Web Application Firewall (WAF) products.
– Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs.
– Automatic LFI exploiter and scanner.
– LFI scan and exploit tool.
– LFI exploitation tool.
– Automated all-in-one operating system command injection and exploitation tool.
– Rip web-accessible (distributed) version control systems: SVN/GIT/HG/BZR.
– Automatically find and download Web-accessible .git repositories.
– Demonstration of the HTTPS stripping attacks.
– SSLStrip version to defeat HSTS.
– Automatic NoSQL injection and database takeover tool.
– A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases, and dynamic default pages.
– Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
– Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible.
– A simple script to take screenshots of a list of websites.
– Browser-based hex editing.
– World's finest (proprietary, commercial) Hex Editor.
– Binary file editor for Windows.
– Native macOS hex editor that supports plug-ins to display custom data types.
– File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
– Binary data visualization and analysis tool.
– Python library to view and edit a binary stream as the tree of fields and tools for metadata extraction.
– Generate Metasploit payloads that bypass common anti-virus solutions.
– Generates custom shellcode, backdoors, injectors, optionally obfuscates every byte via encoders.
– Runtime encryptor for 32-bit portable executables ("PE .exes").
– Post-process exploits containing executable files targeted for Windows machines to avoid being recognized by antivirus software.
– Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
– Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
– Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forcable, 32-bit XOR key.
– Fast password cracker.
– Faster hash cracker.
– Generates custom wordlists by spidering a target's website and collecting unique words.
– Simple HS256 JWT token brute force cracker.
– RAR brute force cracker.
– Find the password of an encrypted wallet file (i.e. wallet.dat).
– The Sysinternals Troubleshooting Utilities.
– Inspect logon sessions and add, change, list, and delete associated credentials, including Kerberos tickets.
– Credentials extraction tool for Windows operating system.
– PowerShell Post-Exploitation Framework.
– Detects potential missing patches on the target.
– LLMNR, NBT-NS and MDNS poisoner.
– Graphical Active Directory trust relationship explorer.
– Pure PowerShell post-exploitation agent.
– Tool for exploration and tracing of the Windows kernel.
– Generates architecture-independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
– Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers, and domain controllers.
– Shellcode generator for numerous attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA), or certutil (using fake certificates).
– Python script that uses Empire's RESTful API to automate gaining Domain Admin rights in Active Directory environments.
– Heuristic reporting on potentially viable exploits for a given GNU/Linux system.
– Pure Python post-exploitation data mining and remote administration tool for macOS.
– Open source network stress tool for Windows.
– JavaScript in-browser version of LOIC.
– DoS tool that uses low bandwidth on the attacking side.
– Updated version of Low Orbit Ion Cannon, has "boosters" to get around common countermeasures.
– Faster network stress tool.
– Abuses OSI layer 7 HTTP to create/manage "zombies" and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
– Open source pentesting framework designed for social engineering featuring a number of custom attack vectors to make believable attacks quickly.
– Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.
– MITM attack framework used for phishing credentials and session cookies from any Web service.
– Automated phishing attacks against WiFi networks.
– Tool for phishing and corporate espionage written in Ruby.
– Tool for generating keyloggers.
– Proprietary software for open-source intelligence and forensics, from Paterva.
– E-mail, subdomain, and people names harvester.
– Geolocation OSINT tool.
– Metadata harvester.
– Database of Google dorks; can be used for recon.
– Common Google dorks and others you probably don't know.
– Command-line Google Dorking tool.
– Command-line Google dork tool.
– Collects data on hosts and websites through daily ZMap and ZGrab scans.
– World's first search engine for Internet-connected devices.
– Full-featured Web Reconnaissance framework written in Python.
– CLI tool to scan Github Repos/organizations for potential sensitive information leak.
– Plugin-based tool to scan public version control systems for sensitive information.
– Multi-source OSINT automation tool with a Web UI and report visualizations.
– GNU/Linux bash based Bing and Google Dorking Tool.
– Perform Google dorks against a domain.
– Information gathering via dorks.
– Automated Pentest Recon Scanner.
– Search engine for threats.
– VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
– OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.
– Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.
– Automated OSINT & Attack Surface discovery framework with powerful API, UI, and CLI.
– Search engine for cyberspace that lets the user find specific network components.
– Free software and onion routed overlay network that helps you defend against traffic analysis.
– Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators.
– The Invisible Internet Project.
– Script to redirect all traffic from the machine to the Tor network.
– Comprehensive detection page to test your own Web browser's configuration for privacy and identity leaks.
– Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, .
– Windows Driver Kit and WinDbg.
– x86 debugger for Windows binaries that emphasizes binary code analysis.
– Open source, cross-platform reverse engineering framework.
– Open source x64/x32 debugger for Windows.
– Powerful way to write exploits and analyze malware.
– OllyDbg-like debugger for GNU/Linux.
– Open source, cross-platform interactive disassembler.
– Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
– Python Exploit Development Assistance for GDB.
– Tool to reverse engineer .NET assemblies.
– Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
– Python scriptable Reverse Engineering sandbox by Cisco-Talos.
– Extensible debugger UI toolkit written in Python.
– Lightweight multi-platform, multi-architecture disassembly framework.
– Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.
– Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
– Covert "USB Ethernet Adapter" that provides remote access, network intelligence gathering, and MITM capabilities when installed in a local network.
– Customizable keystroke injection attack platform masquerading as a USB thumb drive.
– Siphons cookies, exposes internal (LAN-side) router and installs web backdoor on locked computers.
– Wireless auditing and penetration testing platform.
– RFID/NFC cloning, replay, and spoofing toolkit often used for analyzing and attacking proximity cards/readers, wireless keys/keyfobs, and more.
– Complete open-source toolchain for side-channel power analysis and glitching attacks.
– Collection of setup scripts to install various security research tools easily and quickly deployable to new machines.
– Rapid exploit development framework built for use in CTFs.
– Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks.
– Curated list of public penetration test reports released by several consulting firms and academic security groups.
– testandverification.com template.
– hitachi-systems-security.com template.
– lucideus.com template.
– crest-approved.org template.
– pcisecuritystandards.org template.
– Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities.
– United States government's National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.
– Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).
– Public, vendor-neutral forum for a detailed discussion of vulnerabilities, often publishes details before many other sources.
– Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc.
– Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.
– Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC).
– Archive of security advisories impacting Microsoft software.
– Archive of security advisories impacting Mozilla software, including the Firefox Web Browser.
– Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
– Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.
– Independent source of software vulnerability information.
– Open forum for security advisories organized by category of exploit target.
– Bug bounty program with the publicly accessible archive of published security advisories, operated by TippingPoint.
– Security database of software vulnerabilities.
– Exploit marketplace and vulnerability information aggregator.
– Historical archive of security vulnerabilities in computerized equipment, no longer adding to its vulnerability database as of April 2016.
– Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam.
– Annual hacker convention in Las Vegas.
– Annual security conference in Las Vegas.
– Framework for organizing and holding security conferences.
– Annual meeting of the international hacker scene in Germany.
– Annual hacker conference based in Louisville.
– Technology conference held annually in middle Tennessee.
– Annual US East coast hacker convention.
– Infosec conference, held annually in North Carolina.
– Christchurch Hacker Con, the only South Island of New Zealand hacker con.
– One of the oldest hacker conventions, held during Summer.
– Annual conference held in Luxembourg.
– Largest hacking conference in Canada.
– Deep-knowledge security conference held in Malaysia and The Netherlands.
– Annual international IT Security event with workshops held in Heidelberg, Germany.
– Annual US hacker conference.
– Annual US hacker conference held in Chicago.
– Annual US security conference held every spring in Los Angeles.
– Security Conference in Vienna, Austria.
– Technology conference in Nashville.
– Security Conference in .
– Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania.
– Annual conference organized by OWASP.
– Annual security conference in Belgium.
– Europe's number one information security event, held in London, UK.
– Annual conference in Delhi and Goa, India.
– Annual security conference in San Francisco, California, USA.
– Annual security conference in Lucerne, Switzerland.
– Annual conference held in Denver, USA for 2016.
– Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina.
– Annual Security Conference held in London.
– Balkan Computer Congress, annually held in Novi Sad, Serbia.
– FSec – Croatian Information Security Gathering in Varaždin, Croatia.
– American publication about technology and computer "underground."
– By far the longest-running hacker zine.
– List of Hacking tools present in Kali Linux.
– Top 125 Network Security Hacking Tools.
– Awesome Pentest Cheat Sheets.
– One of the main languages for open source security tools.
– Software framework for Microsoft Windows platform development.
– Command-line frameworks, toolkits, guides, and gizmos.
– The de-facto language for writing exploits.
– The de-facto language for writing exploits.
– The de-facto language for writing exploits.
– In-browser development and scripting.
– Curated list of delightful Node.js packages and resources.
– Lots of pentesting tools are written in Python.
– General Python programming.
– General Python programming.
– Collection of Android security-related resources.
– The List of the Lists.
– Resources for learning about application security.
– Capture The Flag frameworks, libraries, etc.
– Comprehensive directory of CTFs, wargames, hacking challenge websites, practice lab exercises, and more.
– Tutorials, tools, and resources.
– Honeypots, tools, components, and more.
– Information security resources for pentesting, forensics, and more.
– Free (mostly open-source) forensic analysis tools and resources.
– Tools and resources for analysts.
– Tools for processing network traffic.
– Software, libraries, documents, and other resources.
– Awesome guides, tools, and other resources about the security and compromise of locks, safes, and keys.
– Collection of multiple types of lists used during security assessments.
– Curated list of security conferences.
– Awesome OSINT list containing great resources.
– YARA rules, tools, and people.