The tools listed below are commonly used in penetration testing. The tool catalog follows Kali Tools, and most of the tools are open source software. This project is updated and supplemented over the long term.
- Directory
- Source Code
- Documentation
- Information Gathering
- Vulnerability Analysis
- Web Applications
- Database Assessment
- Password Attacks
- Exploitation Tools
- Maintaining Access
- Reporting Tools
- Code Audit
- Port Forwarding & Proxies
- Range
- GHDB - Google Hack Database
- SearchDiggity - SearchDiggity 3.1 is the primary attack tool of the Google Hacking Diggity Project
- Nmap | Zenmap - Free and open source utility for network discovery and security auditing
- Masscan - TCP port scanner, spews SYN packets asynchronously
- Ports - Common service ports and exploitations
- [theHarvester](https://github.com/laramies/theHarvester) - E-mails, subdomains and names Harvester - OSINT
- [FOCA](https://github.com/ElevenPaths/FOCA) - Tool to find metadata and hidden information in the documents.
- AngelSword - CMS vulnerability detection framework
- WhatWeb - Next generation web scanner
- Wappalyzer - Cross-platform utility that uncovers the technologies used on websites
- Whatruns - A free browser extension that helps you identify technologies used on any website at the click of a button (Chrome only)
- Yunsee - Online website for finding the CMS footprint
- bugscaner - A simple online fingerprint identification system that supports recognition of hundreds of CMS source codes
- WhatCMS - CMS Detection and Exploit Kit based on Whatcms.org API
- Burpsuite - Burpsuite is a graphical tool for testing Web application security
- ZAP - One of the world’s most popular free security tools
- Mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
- Struts-Scan - Struts2 vulnerability detection and utilization tools
- Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items
- W3af - Web application attack and audit framework, the open source web vulnerability scanner
- Openvas - The world's most advanced Open Source vulnerability scanner and manager
- Archery - Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities
- Taipan - Web application vulnerability scanner
- Arachni - Web Application Security Scanner Framework
- Dirbrute - Multi-threaded web directory brute-forcing tool (with dictionaries included)
- Dirbuster - DirBuster is a multi-threaded Java application designed to brute force directory and file names on web/application servers
- Fuxi-Scanner - Open source network security vulnerability scanner with multiple functions
- Xunfeng - Xunfeng is a rapid emergency response and cruise scanning system for enterprise intranets
- WebMap - Nmap Web Dashboard and Reporting
- Hydra - Hydra is a parallelized login cracker which supports numerous protocols to attack
- Medusa - Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer
- Sparta: Document - Network Infrastructure Penetration Testing Tool
- Hashcat - World's fastest and most advanced password recovery utility
- Fern Wifi cracker - Fern-Wifi-Cracker is designed to be used in testing and discovering flaws in one's own network with the aim of fixing the flaws detected
- ollydbg - OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows
- SPLOITUS - Sploitus is a convenient central place for identifying the newest exploits and finding attacks that exploit known vulnerabilities
- SearchSploit - The official Exploit Database repository
- Getsploit - Command line utility for searching and downloading exploits
- BeeF - The Browser Exploitation Framework Project
- BlueLotus_XSSReceiver - XSS Receiver platform without SQL
- xssor2 - XSS'OR - Hack with JavaScript.
- Xsser-Varbaek - From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
- Xsser-Epsylon - Cross Site "Scripter" (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.
- Xenotix - An advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework
- Sqlmap - Automatic SQL injection and database takeover tool
- Sqlmate - A friend of SQLmap which will do what you always expected from SQLmap
- SQLiScanner - Automatic SQL injection with Charles and sqlmap api
- Commix - Automated All-in-One OS command injection and exploitation tool
- LFIsuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
- Kadimus - Kadimus is a tool to check sites for LFI vulnerabilities and also exploit them
- Shellfire - Exploitation shell for exploiting LFI, RFI, and command injection vulnerabilities
- LFIter2 - LFIter2 Local File Include (LFI) Tool - Auto File Extractor & Username Bruteforcer
- Fuxploider - File upload vulnerability scanner and exploitation tool
- XXEinjector - Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods
- Oxml_xxe - A tool for embedding XXE/XML exploits into different filetypes
- Deemon - Deemon is a tool to detect CSRF in web application
- POC-T - Pentest Over Concurrent Toolkit
- Pocsuite - Pocsuite is an open-sourced remote vulnerability testing framework developed by the Knownsec Security Team
- Metasploit - The world’s most used penetration testing framework
- Empire - Empire is a PowerShell and Python post-exploitation agent
- koadic - Koadic C3 COM Command & Control - JScript RAT
- DeepExploit - Fully automatic penetration test tool using Machine Learning
- GyoiThon - GyoiThon is a growing penetration test tool using Machine Learning
- Generator - Fully automatically generate numerous injection codes for web application assessment
- AutoSploit - Automated Mass Exploiter
- WinPwn - Automation for internal Windows penetration tests / AD-Security
- WireShark - Wireshark is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems.
- Cain & able - Cain & Abel is a password recovery tool for Microsoft Operating Systems.
- Novahot - A webshell framework for penetration testers.
- Chopper
  Tip: This tool was obtained from the internet and has not been checked for backdoors; use it at your own discretion.
  Link: https://pan.baidu.com/s/1VnXkoQU-srSllG6JaY0nTA Password: v71d
- AntSword : Document - AntSword is a cross-platform website management toolkit
- CKnife - The cross-platform webshell tool in Java
  Tip: This tool was obtained from the internet and has not been checked for backdoors; use it at your own discretion.
  Link: https://pan.baidu.com/s/1QZrnWU7DUuJhiXl7u1kELw Password: hjrh
- Altman - The cross platform webshell tool in .NET
- windows-exploit-suggester - This tool compares a target's patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target
- Windows-kernel-exploits - windows-kernel-exploits
- linux-exploit-suggester-2 - Next-Generation Linux Kernel Exploit Suggester
- Linux-kernel-exploits - linux-kernel-exploits Linux
- BeRoot - Privilege Escalation Project - Windows / Linux / Mac
- PE-Linux - Linux Privilege Escalation Tool By WazeHell
- Portia - Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
- Vulnreport - Open-source pentesting management and automation platform by Salesforce Product Security
- Cloc - cloc counts blank lines, comment lines, and physical lines of source code in many programming languages
- Cobra - Source Code Security Audit
- Cobra-W - Cobra for white hat
- Graudit - Grep rough audit - source code auditing tool
- Rips - A static source code analyser for vulnerabilities in PHP scripts
- EarthWorm - Tool for tunnel
- Termite - Tool for tunnel (Version 2)
- Frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet
- reGeorg - The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn
- DevAudit - Open-source, cross-platform, multi-purpose security auditing tool
- DVWA - Damn Vulnerable Web Application (DVWA)
- WebGoat - WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons
- DSVW - DSVW is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes
- DVWS - Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities
- XVWA - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security
- bWAPP - A buggy web application with more than 100 vulnerabilities
- Sqli-lab - SQLI labs to test error based, Blind boolean based, Time based
- HackMe-SQL-Injection-Challenges - Hack your friend's online MMORPG game - specific focus, sql injection opportunities
- XSS-labs - Small set of scripts to practice exploiting XSS and CSRF vulnerabilities
- SSRF-lab - Lab for exploring SSRF vulnerabilities
- LFI-labs - Small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
- Commix-testbed - A collection of web pages, vulnerable to command injection flaws
- File-Upload-Lab - Damn Vulnerable File Upload V 1.1
- upload-labs - A summary of all types of uploading vulnerabilities for you
- XXE-Lab - An XXE vulnerability demo containing language versions such as PHP, Java, Python, C#, etc.
- MSFvenom-gui - GUI tool to create normal payloads with msfvenom