Penetration Testing Tools

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing, originally forked from Backtrack Linux by the Offensive Security team.

Parrot is a GNU/Linux distribution based on Debian Testing and designed with Security, Development, and Privacy in mind.

Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose - for free. This helps prioritize remediation and eliminate false positives, providing true...

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack...

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

The Kali Linux NetHunter project is the first Open Source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member “BinkyBear” and Offensive Security. NetHunter supports Wireless 802.

BlackArch Linux is an Small Arch Linux iconArch Linux -based distribution for penetration testers and security researchers. The repository contains 2554 tools.

It's well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket, build Golden tickets, play with certificates or private keys, vault... maybe make coffee?.

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

The Social-Engineer Toolkit is an open source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly.

Wifite is an automated wireless attack tool. Wifite was designed for use with pentesting distributions of Linux, such as Kali Linux, Pentoo, BackBox; any Linux distributions with wireless drivers patched for injection. The current version 2 is a complete re-write of the original.

Caido is a cutting-edge web application security tool that enables users to efficiently identify and assess potential vulnerabilities in their web applications. It can be easily integrated into both personal and enterprise environments, making it adaptable to a wide range of...

Founded in 2015, YesWeHack is a global Bug Bounty and VDP Platform. YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered), connecting more than 45,000 cybersecurity experts (ethical hackers) across 170 countries...

btscanner is a tool designed specifically to extract as much information as possible from a Bluetooth device without the requirement to pair.

Exploit Pack is an open source project security that will help you adapt exploit codes on-the-fly.

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated.

Sn1per Professional is an all-in-one offensive security platform that provides a comprehensive view of your internal and external attack surface and offers an asset risk scoring system to prioritize, reduce, and manage risk.

Welcome to a place, where you can learn cyber-security using more than 100+ tutorials & certification training, created by cyber security experts.

BackBox is a Linux distribution based on Ubuntu developed to perform penetration tests and security assessments. Designed to be fast, easy to use and to provide a minimal yet complete desktop environment thanks to its own software repositories...

Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system.

PwnTillDawn is an online platform for learning and improving your penetration testing skills against realist vulnerable machines.

Bluesniff is a proof of concept Bluetooth device discovery tool. Bluesniff can be concidered a bluetooth wardriver of sorts. It is meant to raise awareness of BT security issues and likely has a lot of room for improvement.

A self-hosted multi-tool pentest platform with a perfect toolset. It's designed to help pentesters, bug hunters, or CTF players to make their work efficient and convenient. Especially to simplify the way of writing reports.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range...

To provide materials that allows anyone to gain practical 'hands-on' experience in digital security, computer software & network administration.