Rawsec's CyberSecurity Inventory

An inventory of tools and resources about CyberSecurity.

Tools

Note: Paid softwares may exist in a free limited version or a demo version

Binary Exploitation

Name Website Source Description Programming language Price Online
ASLRay [Source] Tool for ASLR bypass with stack-spraying Shell Free False
heaphopper [Website] [Source] Bounded model checking framework for Heap-implementations Python Free False
libformatstr [Source] Library to simplify format string exploitation Python Free False
pwntools [Source] Framework and exploit development library Python Free False
pwntools-ruby [Source] Framework and exploit development library, ported onto ruby Ruby Free False
ROPgadget [Website] [Source] Framework for ROP exploitation Python Free False

Bug Bounty

Name Website Source Description Programming language Price Online
BountyDash [Source] Dashboard to combine rewards from all platforms, giving insights about progress and bug hunting patterns PHP Free False
bountyplz [Source] Automated bug bounty reporting/submission, supports HackerOne and Bugcrowd Shell Free False

Code Analysis

Name Website Source Description Programming language Price Online
AndroBugs Framework [Source] Android APK vulnerability analyzer Python Free False
MobSF [Source] Android APK vulnerability analyzer Python Free False
NodeJsScan [Source] Static security code scanner for Node.js applications Python Free False
QARK [Source] Android APK vulnerability analyzer Python Free False
StaCoAn [Source] Mobile applications static code analysis tool Python Free False
SUPER [Website] [Source] Android APK vulnerability analyzer Rust Free False
wpBullet [Source] Static code analysis for WordPress Plugins and Themes (and PHP) Python Free False

Collaboration and Report

Name Website Source Description Programming language Price Online
Archery [Website] [Source] Vulnerability Assessment and Management tool, run scan and manage vulnerabilities Python Free False
AttackForge.com [Website] Penetration test collaboration platform: vulnerability management and reporting Free True
DART [Source] Documentation And Reporting Tool; Collaborative penetration test and vulnerability management platform Python Free False
DefectDojo [Website] [Source] Vulnerability management application built for DevOps and continuous security integration Python Free False
Dradis [Website] [Source] Collaborative penetration test and vulnerability management platform Ruby Paid False
Faraday [Website] [Source] Collaborative penetration test and vulnerability management platform Python Paid False
hackOx [Website] [Source] Modular web based pentesting interface designed to run on Raspberry Pi PHP Free False
Kvasir [Source] Pentest data management tool Python Free False
Lair [Website] [Source] Collaborative penetration test and vulnerability management platform JavaScript Free False
MISP [Website] [Source] Malware Information Sharing Platform, an Open Source threat intelligence plateform and open standards for threat information sharing PHP Free False
OSCP Exam Report Template in Markdown [Website] [Source] Markdown templates for OSCP exam report Markdown Free False
OWASP PenText [Website] [Source] Collection of XML templates, XML schemas and XSLT code, to generate IT security documents including test reports, offers and invoices Free False
PatrOwl [Website] [Source] Security operations orchestration and continuous threat management platform Python Free False
Prithvi [Website] [Source] Report generation tool for pentester with provided OWASP data JavaScript Free False
Serpico [Source] SimplE RePort wrIting and CollaboratiOn tool, penetration testing report generation and collaboration tool Ruby Free False
Sh00t [Source] Pentesting platform with dynamic task manager, checklists, bug template & bug report Python Free False
SwiftnessX [Source] Cross-platform note-taking and target-tracking app for penetration testers JavaScript Free False
vcr [Source] Vulnerability Compliance Report; parse Nessus CIS benchmark scan files and generate HTML reports PowerShell Free False
vuldash [Website] [Source] Vulnerability Dashboard; vulnerability management, project management and report generation PHP Free False
Vulnreport [Website] [Source] Pentesting management and automation platform Ruby Free False

Configuration audit

Name Website Source Description Programming language Price Online
Nipper Studio [Website] Tool that parse router, switch, firewall configuration to discover vulnerabilities Paid False
Nipper-ng [Source] Tool that parse router, switch, firewall configuration to discover vulnerabilities Cplusplus Free False

Cracking (Hash)

Name Website Source Description Programming language Price Online
Bopscrk [Source] Before Outset PaSsword CRacKing, password wordlist generator with exclusive features like lyrics based mode Python Free False
CeWL [Source] Custom wordlist generator based on website crawling Ruby Free False
Cracklord [Website] [Source] Scalable, pluggable, and distributed system for password cracking Go Free False
crunch [Source] Wordlist generator C Free False
CUPP [Source] Common User Passwords Profiler, wordlist generator based on user profiling Python Free False
GoCrack [Source] Management frontend for password cracking tools, supporting hashcat Go Free False
Hashcat [Website] [Source] Password cracking tool C Free False
Hashtopolis [Source] Hashcat wrapper for distributed hashcracking PHP Free False
Hashview [Website] [Source] Web-UI for managing, organizing, automating hashcat commands/tasks Ruby Free False
John The Ripper [Website] Password cracking tool C Free False
John the Ripper, Jumbo version [Website] [Source] Password cracking tool, community-enhanced version of John The Ripper C Free False
lyricpass [Source] Tool to generate wordlists based on lyrics Python Free False
Mentalist [Source] Graphical tool for custom wordlist generation, can output rules compatible with Hashcat and John the Ripper Python Free False
Ophcrack [Website] [Source] Windows password cracker based on rainbow tables Free False
pnwgen [Source] Phone number wordlist generator Python Free False
PowerSniper [Source] Password spraying script and helper for creating password lists PowerShell Free False
pydictor [Source] Multi-method password wordlist generator Python Free False
TTPassGen [Source] Flexiable and scriptable password dictionary/wordlist generator Python Free False
wordlistctl [Source] Fetch, install and search wordlist archives from websites and torrent peers Python Free False

Cryptography

Name Website Source Description Programming language Price Online
crypto-identifier [Source] Tool that try to identify what cipher is used and uncipher the data Python Free False
Crypton [Source] Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Hashing Algorithms along with example challenges from CTFs Python Free False
Dcode [Website] Code and decode all kind of checksums, algorithms, codes or ciphers Free True
FeatherDuster [Source] Cryptanalysis tool and library Python Free False
Haiti [Website] [Source] A CLI tool to identify the hash type of a given hash Ruby Free False
hashID [Source] Identify the different types of hashes Python Free False
PkCrack [Website] Tool for breaking PkZip encryption Free False
RsaCtfTool [Source] Tool to conduct manual or automated attack on RSA Python Free False
RSATool [Source] Tool to calculate RSA parameters Python Free False
RSHack [Source] RSA attack and key manipulation tool Free False
XORTool [Source] Tool to analyze multi-byte xor cipher Python Free False

Digital Forensics

Name Website Source Description Programming language Price Online
Cerbero Profiler [Website] File analyzer and inspector Paid False
dnscat2 [Source] Encrypted command-and-control (C&C) channel over the DNS protocol, data exfiltration Cplusplus Free False
ExifTool [Website] [Source] Library and CLI tool for reading, writing and editing metadata for a lot of file types Perl Free False
extundelete [Website] [Source] Tool to recover deleted files from an ext3 or ext4 partition Free False
Fibratus [Source] Tool for exploration and tracing of the Windows kernel Python Free False
Foremost [Website] [Source] CLI tool to recover files based on their headers, footers, and internal data structures Free False
rekall [Website] [Source] Volatile memory extraction utility Python Free False
rekall (Fireeye fork) [Source] Fork of rekall with support for Windows 10 memory compression Python Free False
ResourcesExtract [Website] Scans dll/ocx/exe files and extract all resources found, Windows only Free False
shellbags [Source] Shellbag parser (Windows Registry Keys) Python Free False
volatility [Website] [Source] Volatile memory extraction utility Python Free False
volatility (Fireeye fork) [Source] Fork of volatility with support for Windows 10 memory compression Python Free False

Honeypot and Decoy

Name Website Source Description Programming language Price Online
Canarytokens [Website] [Source] quickly deployable honeypot with docker image, the online service allows to get alerted by email for URL token, DNS token, unique email address, custom image, MS word doc., Acrobat Reader PDF doc., and more Free True
DejaVU [Source] Deception framework which can be used to deploy decoys across the infrastructure Free False

Incident Response

Name Website Source Description Programming language Price Online
DFIRTrack [Source] Incident response tracking web application, focused on handling one major incident with a lot of affected systems Python Free False

Intentionally Vulnerable Applications

Name Website Source Description Programming language Price Online
bWAPP [Website] [Source] Buggy Web Application, insecure webapp for security trainings PHP Free False
DVIA [Website] [Source] Damn Vulnerable iOS App, insecure webapp for mobile security trainings Swift Free False
DVWA [Website] [Source] Damn Vulnerable Web Application, insecure webapp for security trainings PHP Free False
Google Gruyere [Website] [Source] Codelab for white-box and black-box hacking Python Free True
Hackazon [Source] Intentionally vulnerable web shopping application using modern technologies and containing configurable areas PHP Free False
OWASP Juice Shop [Website] [Source] Insecure web application with >85 challenges; supports CTFs, custom themes, tutorial mode etc. JavaScript Free False
OWASP Mutillidae II [Website] [Source] Intentionally vulnerable web-application containing some OWASP Top Ten vulnerabilities, with hints and switch for secure version of the code PHP Free False
OWASP WebGoat [Website] [Source] Deliberately insecure web application to teach web application security lessons Java Free False
XVNA [Source] Extreme Vulnerable Node Application, insecure webapp for security trainings JavaScript Free False

Networking

Name Website Source Description Programming language Price Online
archtorify [Source] Script for Arch Linux which use iptables settings to create a transparent proxy through Tor Network Shell Free False
bettercap [Website] [Source] MITM framework Ruby Free False
bettercap web UI [Website] [Source] Web UI for bettercap TypeScript Free False
boofuzz [Source] Network protocol fuzzing framework Python Free False
BruteX [Source] Tool using nmap and hydra to automatically bruteforce network service accounts Shell Free False
CapAnalysis [Website] [Source] PCAP analyzer C Free True
chisel [Source] Fast TCP tunneling over HTTP secured by SSH Go Free False
CloudShark [Website] PCAP analyzer Paid True
Garfield [Source] Attack framework for distributed systems Python Free False
Hydra [Website] [Source] Network login cracker C Free False
kalitorify [Source] Script for Kali Linux which use iptables settings to create a transparent proxy through Tor Network Shell Free False
Masscan [Source] Port scanner for massive networks C Free False
Medusa [Website] Network login cracker Free False
Medusa-gui [Source] GUI for Medusa Java Free False
Ncrack [Website] [Source] Reliable and adaptative network login cracker supporting a large number of protocols Cplusplus Free False
nemesis [Website] [Source] Packet manipulation CLI tool; craft and inject packets of several protocols Python Free False
Netfort Free Cloud Based PCAP Analysis [Website] PCAP analyzer; needs registration Free True
NetworkMiner [Website] Network sniffer/packet capturing tool Free False
NetworkTotal [Website] PCAP analyzer; using Suricata Free True
Nipe [Source] Script to make TOR as default gateway Perl Free False
Nmap [Website] [Source] Tool for network discovery and security auditing C Free False
NMapGUI [Source] Advanced GUI for Nmap Java Free False
Nozzlr [Source] Multithreaded and modular bruteforce framework with network templates Python Free False
onesixtyone [Source] SNMP scanner C Free False
PacketFu [Source] Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols Ruby Free False
PacketTotal [Website] PCAP analyzer; using Bro, Suricata and Elasticsearch Free True
PacketWhisper [Source] Stealthy Data exfiltration via DNS, without the need for attacker-controlled Name Servers or domain Python Free False
Patator [Source] Multi-protocol bruteforce tool Python Free False
polarbearscan [Website] [Source] Port scanner and banner grabber C Free False
Polymorph [Source] Real-time network packet manipulation framework Python Free False
Responder [Source] LLMNR, NBT-NS and MDNS poisoner to intercept authentication requests/answers Python Free False
sandmap [Source] Metasploit-like CLI interface for Nmap Script Engine (NSE) Shell Free False
Scapy [Website] [Source] Packet manipulation library; forge, send, decode, capture packets of a wide number of protocols Python Free False
Seth [Source] RDP MitM tool Python Free False
Singularity [Website] [Source] DNS rebinding attack framework Go Free False
SNMP Brute [Source] SNMP brute force, enumeration, CISCO config downloader and password cracking script Python Free False
snmpbw.pl [Source] Multithreaded script for bulk walking targeted host systems for SNMP data Perl Free False
ssh-audit [Source] SSH scanner that detects protocol, version, grab banner, recognize software and operating system, output algorithm information and recommendations Python Free False
WebMap v1 [Source] A web dashboard for nmap XML report Python Free False
WebMap v2 [Source] A web dashboard for nmap XML report https://github.com/Nazicc/WebMap Free False
Whonow [Source] DNS Server for executing DNS Rebinding attacks JavaScript Free False
Wireshark [Website] [Source] Network protocol analyzer Cplusplus Free False
yersinia [Source] Framework for layer 2 attacks C Free False
Zenmap [Website] [Source] GUI for Nmap Python Free False
Zmap [Website] [Source] Collection of tools to scan and study massive networks C Free False

OSINT and Reconnaissance

Name Website Source Description Programming language Price Online
Amass [Website] [Source] DNS enumeration and network mapping tool suite: scraping, recursive brute forcing, crawling web archives, reverse DNS sweeping Go Free False
Aquatone [Website] [Source] Domain flyover tool; visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based attack surface Go Free False
AutoRecon [Source] Multi-threaded network reconnaissance tool which performs automated enumeration of services Python Free False
badKarma [Source] Advanced network reconnaissance tool Python Free False
Belati [Source] OSINT tool, collect data and document actively or passively Python Free False
datasploit [Website] [Source] OSINT framework, find, aggregate and export data Python Free False
dnsenum [Source] DNS reconnaissance tool: AXFR, DNS records enumeration, subdomain bruteforce, range reverse lookup Perl Free False
dnsenum2 [Source] Continuation of dnsenum project Perl Free False
DNSRecon [Source] DNS reconnaissance tool: AXFR, DNS records enumeration, TLD expansion, wildcard resolution, subdomain bruteforce, PTR record lookup, check for cached records Python Free False
EagleEye [Source] OSINT tool, image recognition on instagram, facebook and twitter Python Free False
eTools.ch [Website] Metasearch engine, query 16 search engines in parallel Free True
Facebook_OSINT_Dump [Source] OSINT tool, facebook profile dumper, windows and chrome only Shell Free False
FOCA [Website] [Source] OSINT framework and metadata analyser Csharp Free False
gOSINT [Source] OSINT framework; find mails, dumps, retrieve Telegram history and info about hosts Go Free False
Harpoon [Source] CLI tool; collect data and document actively or passively Python Free False
Kostebek [Source] Tool to find firms domains by searching their trademark information Python Free False
leakScraper [Source] Set of tools to process and visualize huge text files containing credentials Python Free False
LinEnum [Source] System script for local Linux enumeration and privilege escalation checks Shell Free False
ODIN [Source] Observe, Detect, and Investigate Networks, Automated reconnaissance tool Python Free False
Omnibus [Source] OSINT framework; collection of tools Python Free False
OSINT Framework [Website] [Source] A web-based collection of tools and resources for OSINT Javascript Free True
Photon [Source] Fast crawler designed for OSINT Python Free False
PITT [Source] Web browser loaded with links and extensions for doing OSINT Free False
ReconDog [Source] Multi-purpose reconnaissance tool, CMS detection, reverse IP lookup, port scan, etc. Python Free False
Recon-ng [Source] Web-based reconnaissance tool Python Free False
Reconnoitre [Source] Tool made to automate information gathering and service enumeration while storing results Python Free False
ReconScan [Source] Network reconnaissance and vulnerability assessment tools Python Free False
Red Team Arsenal [Source] Automated reconnaissance scanner and security checks Python Free False
Sandmap [Website] [Source] Network and system reconnaissance scanner using Nmap Shell Free False
SearchDNS [Website] Netcraft tool; Search and find information for domains and subdomains Free True
SiteBroker [Source] Tool for information gathering and penetration test automation Python Free False
Sn1per [Source] Automated reconnaissance scanner Shell Free False
spiderfoot [Website] [Source] OSINT framework, collect and manage data, scan target Python Free False
Stalker [Source] Automated scanning of social networks and other websites, using a single nickname Python Free False
Sublist3r [Source] Subdomains enumeration tool Python Free False
Th3inspector [Source] Multi-purpose information gathering tool Perl Free False
theHarvester [Source] Multi-purpose information gathering tool: emails, names, subdomains, IPs, URLs Python Free False
tinfoleak [Source] Twitter intelligence analysis tool Python Free False
trape [Source] Analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time Python Free False

Other

Name Website Source Description Programming language Price Online
CyberChef [Website] [Source] Data manipulation toolkit in web browser JavaScript Free False
discover [Source] Scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit Shell Free False
Firefox Monitor [Website] Service to check if an account has been compromised in a data breach Free True
Have i been pwned? [Website] Service to check if an account has been compromised in a data breach Free True
hideNsneak [Source] CLI tool for ephemeral penetration testing, rapidly deploy and manage various cloud services Go Free False
inlite [Website] Scan QR-code, 1D, DataMatrix, Postal, PDF417, and more Free True
Interlace [Source] Turn single threaded command line applications into a multi-threaded application with CIDR and glob support Python Free False
itdis [Website] [Source] Is This Domain In Scope; a small tool that allows you to check if a list of domains you have been provided is in the scope of your pentest or not Ruby Free False
Metasploit [Website] [Source] Tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit, 4 versions: Pro (paid), Express (paid), Community (free with GUI but on request), Framework (free, open source, CLI) Ruby Paid False
OpenVAS [Website] [Source] Open Vulnerability Assessment Scanner C Free False
PentestBox [Website] [Source] Pre-configured portable penetration testing environment for Windows, all-in-one box Free False
PWDQUERY [Website] Service to check if an account has been compromised in a data breach Free True
Ronin [Website] [Source] Platform for vulnerability research and exploit development, it allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories Ruby Free False
Scrounger [Source] Mobile application testing toolkit, the mobile metasploit-like framework Python Free False
Seccubus [Website] [Source] Vulnerability scanning, reporting and analysis JavaScript Free False
Tool-X [Source] Kali linux hacking tool installer Python Free False
v0lt [Source] CTF toolkit / framework Python Free False
webqr [Website] Scan & create QR-code Free True
ysoserial [Source] Tool for generating payloads that exploit unsafe Java object deserialization Java Free False

Plugins

Name For Website Source Description Programming language Price Online
AWS Extender Burp Suite [Source] Identify and test S3 buckets, Google Storage buckets and Azure Storage containers for common misconfiguration Python Free False
GEF GDB [Source] GDB Enhanced Features, multi-architecture Python Free False
Mona Immunity Debugger [Source] Set of commands for Immunity Debugger Python Free False
PEDA GDB [Source] Python Exploit Development Assistance, (only python2.7) Python Free False
Pwndbg GDB [Source] Enhance GDB, for exploit development and reverse engineering Python Free False
Sploitego Maltego [Source] Maltego penetration testing Transforms Python Free False
Stepper Burp Suite [Source] Evolution of Burp Suite's Repeater tool, providing the ability to create sequences of steps and define regular expressions to extract values from responses Java Free False
XSSor Burp Suite [Source] semi-automatic reflected and persistent XSS scanner Python Free False

Red Teaming

Name Website Source Description Programming language Price Online
fireELF [Source] Fileless linux malware framework Python Free False
Kage [Source] Graphical user interface for Metasploit Meterpreter and session handler JavaScript Free False
Pupy [Source] Cross-platform, multi function remote access tool (RAT) and post-exploitation tool; fileless/all-in-memory execution, low footprint, multi-transport Python Free False
Sliver [Source] Cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS; remote access tool (RAT) Go Free False
UBoat [Source] HTTP botnet PoC CPlusPlus Free False

Reverse Engineering

Name Website Source Description Programming language Price Online
androguard [Source] Tool for reverse engineering and malware analysis of Android applications Python Free False
angr [Source] Platform-agnostic binary analysis framework Python Free False
ANY RUN [Website] Online virtual machine for malware hunting, sandbox with interactive access, real-time data-flow Free True
Apk2Gold [Source] Android decompiler (wrapper for apktool, dex2jar, and jd-gui) Shell Free False
Apktool [Website] [Source] Android disassembler and rebuilder Java Free False
arm_now [Source] Tool that allows instant setup of virtual machines on various architectures for reverse, exploit, fuzzing and programming purpose Python Free False
Barf [Source] Binary Analysis and Reverse engineering Framework Python Free False
bearparser [Website] [Source] PE parsing library (from PE-bear) CPlusPlus Free False
Binary Ninja [Website] Crossplatform binary analysis framework Python Paid False
binutils [Website] [Source] GNU collection of binary tools C Free False
binwalk [Source] Analyze, reverse engineer and extract firmware images (and other files, also usefull for Digital Forensics) Python Free False
boomerang [Source] x86 binaries to C decompiler Cplusplus Free False
ctf_import [Website] [Source] Library to run basic functions from stripped binaries C Free False
CFF Explorer [Website] PE Editor Free False
Cutter [Source] Qt and C++ GUI for radare2 CPlusPlus Free False
Defuse online disassembler [Website] Online x86 (32/64 bits) assembler and disassembler Free True
Droidefense [Website] [Source] Android apps/malware analysis/reversing tool Java Free False
edb [Source] Cross platform AArch32/x86/x86-64 debugger CPlusPlus Free False
Flare [Website] Processes SWF and extract scripts from it Free False
Flasm [Website] [Source] Disassembler tool for SWF bytecode Free False
Frida [Website] [Source] Dynamic code instrumentation toolkit C Free False
GDB [Website] [Source] GNU debugger Cplusplus Free False
Ghidra [Website] [Source] Software reverse engineering (SRE) suite of tools: disassembly, assembly, decompilation, graphing, scripting, etc. Java Free False
Hiew [Website] x86_64 disassembler for multiple formats Paid False
Hopper [Website] Disassembler, decompiler and debugger Paid False
IDA Pro [Website] Disassembler and debugger Paid False
ILSpy [Source] .NET assembly browser and decompiler to C# CSharp Free False
ImmunityDbg [Website] Windows debugger with Python scripting support Free False
jadx [Source] DEX to Java decompiler Java Free False
Java Decompilers [Website] .JAR and .Class to Java decompiler Free True
JD-GUI [Website] GUI tool decompiling JAVA Java Free False
JEB [Website] Disassembler, decompiler and debugger Paid False
JPEXS Free Flash Decompiler [Source] A.k.a ffdec, flash SWF decompiler Java Free False
JSDetox [Website] [Source] Javascript deobfustcator Ruby Free False
Kemon [Source] macOS kernel pre and post callback-based framework C Free False
Krakatau [Source] Java decompiler, assembler, and disassembler Java Free False
ldd [Website] Tool that print shared library dependencies Free False
Metasm [Website] [Source] Assembler, disassembler, compiler and debugger Ruby Free False
Medusa [Source] Interactive multi-architecture and multi-formats disassembler running on Windows and Linux Cplusplus Free False
ODA [Website] Advanced multi-architecture online disassembler supporting a lot of architectures and object file formats Free True
OllyDbg [Website] Windows debugger Free False
Pe-bear [Website] PE reverse tool: recognizes packers, fast disassembler, visualization of sections layout, selective comparing of two chosen PE files Free False
PE Explorer Disassembler [Website] Windows disassembler Paid False
PE Insider [Website] PE viewer, closed source and windows only Free False
Plasma [Source] x86/ARM/MIPS interactive disassembler Python Free False
Qira [Website] [Source] Timeless debugger (QIRA = QEMU Interactive Runtime Analyser) C Free False
RABCDAsm [Website] [Source] ActionScript disassembler D Free False
radare2 [Website] [Source] Crossplatform binary analysis framework, disassembler, decompiler and debugger, support collaborative analysis C Free False
rbkb [Source] Ruby BlackBag; a miscellaneous collection of command-line tools and ruby library helpers related to pen-testing and reversing Ruby Free False
Relyze [Website] x86 and ARM graphical interactive disassembler with Ruby plugin framework Paid False
RetDec [Website] [Source] Multi file formats and architectures machine-code decompiler Cplusplus Free False
sandsifter [Source] x86 processor fuzzer Python Free False
Snowman [Website] [Source] Native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures, exists as standalone app or as a plug-in Cplusplus Free False
strace [Source] Debugger for Linux Free False
Swftools [Website] [Source] Collection of utilities to work with SWF files C Free False
Triton [Website] [Source] Dynamic binary analysis framework, automate reverse engineering Cplusplus Free False
UglifyJS2 [Website] [Source] JavaScript obfuscator or beautifier toolkit JavaScript Free False
uncompyle [Source] Python 2.7 binaries (.pyc) decompiler Python Free False
uncompyle6 [Source] Python 1.5, 2.1 to 2.7, 3.1 to 3.6 binaries (.pyc) decompiler Python Free False
Vais [Source] SWF vulnerability and information scanner Ruby Free False
WinDbg [Website] Windows debugger Free False
x64dbg [Website] [Source] Windows debugger Cplusplus Free False
XenoScan [Source] Processes memory scanner Cplusplus Free False
Xori [Website] [Source] Disassembly and static analysis library that provides triage analysis data Rust Free False
xxxswf [Source] Small script for carving, scanning, compressing, decompressing and analyzing SWF files Python Free False

Steganography

Name Website Source Description Programming language Price Online
Aperi'Solve [Website] [Source] Steganalysis web platform with layer, zsteg, steghide and exiftool analysis Python Free False
Audacity [Website] [Source] Tool to edit and analyze audio tracks Free False
exif [Source] Shows EXIF information for JPEG files only C Free False
ExifTool [Website] [Source] Library and CLI tool to read and write meta information (EXIF, GPS, IPTC, XMP, JFIF, …) in files (JPEG, PNG, SVG, MPEG, …) Perl Free False
Exiv2 [Website] [Source] Library and CLI tool to read and write meta information (Exif, IPTC & XMP metadata and ICC Profile) in images (JPEG, TIFF, PNG, …) Cplusplus Free False
ImageMagick [Website] [Source] Software suite and library to create, edit, compose, or convert images C Free False
Outguess Tool to hide messages in files (website down since 2004) Free False
PNGtools [Website] [Source] Suite of tools to work with PNG images C Free False
SHIT [Source] Stego Helper Identification Tool, multi-purpose image steganography tool Python Free False
SmartDeblur [Source] To to restore defocused and blurred images (update binary only for Windows, Mac OS binary out of date) Cplusplus Free False
Sonic Visualiser [Website] [Source] Tool to edit and analyze audio tracks Free False
Steganabara [Source] Steganography analysis tool Java Free False
Steghide [Website] [Source] Tool to hide messages in images Free False
StegoVeritas [Source] Automatic tool to bruteforce LSB, transform image, extract metadata or trailing data Python Free False
StegSolve GUI tool to analyse images Java Free False
zsteg [Source] Tool to detect hidden data in PNG and BMP Ruby Free False

System Exploitation

Name Website Source Description Programming language Price Online
bkhive [Source] Dump the syskey bootkey from a Windows NT/2K/XP system hive, often used with samdump2, part of the ophcrack project Free False
BloodHound [Website] [Source] Tool to reveal the hidden and unintended relationships within an Active Directory environment PowerShell Free False
CrackMapExec [Source] Post-exploitation tool to asses Active Directory networks Python Free False
creddump [Source] Dump windows credentials Python Free False
DCOMrade [Source] Script that is able to enumerate the possible vulnerable DCOM applications that might allow for lateral movement, code execution, data exfiltration, etc. PowerShell Free False
DLLInjector [Source] Dll injection tool Cplusplus Free False
DLLPasswordFilterImplant [Source] Password filter DLL, triggered on password change to exfiltrate credentials C Free False
Empire [Website] [Source] PowerShell and Python post-exploitation agent Shell Free False
Empire GUI [Website] [Source] GUI for Empire framework JavaScript Free False
enum4linux [Source] Windows Samba enumeration tool Perl Free False
FFM [Source] Freedom Fighting Mode (FFM), hacking harness, post-exploitation tool Python Free False
goddi [Source] Active Directory domain information dumper Go Free False
LaZagne [Source] Password retriever Python Free False
LinEnum [Source] Linux enumeration and privilege escalation script Shell Free False
Linux Exploit Suggester 2 [Source] Linux kernel exploit suggester Perl Free False
linux-exploit-suggester.sh [Source] Linux kernel exploit suggester Shell Free False
linuxprivchecker.py [Source] Linux privilege escalation check script Python Free False
lynis [Website] [Source] Security auditing and hardening tool, for UNIX-based systems Shell Free False
Nishang [Source] Framework, collection of scripts and payloads in PowerShell for offensive security, penetration testing and red teaming PowerShell Free False
p0wnedShell [Source] PowerShell runspace post exploitation toolkit CSharp Free False
Powerless [Source] A Windows privilege escalation enumeration BAT script designed for legacy Windows machines without Powershell Shell Free False
PowerSploit [Source] Powershell exploitation framework Powershell Free False
samdump2 [Source] Retrieves syskey and extract hashes from Windows 2k/NT/XP/Vista SAM, often used with bkhive, part of the ophcrack project Free False
scavenger [Source] multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as interesting files containing sensitive information Python Free False
SharpShooter [Source] Payload Generation Framework for C# source code VB Free False
ShellPop [Source] Tool to craft bind and reverse shells in several languages Python Free False
unicorn [Source] Tool for using a PowerShell downgrade attack and inject shellcode into memory Python Free False
WES-NG [Source] Windows Exploit Suggester - Next Generation; analyses Windows targets patch levels to find exploits and Metasploit modules; works well with newer system (eg Windows 10) thanks to MSRC support Python Free False
Windows-Exploit-Suggester [Source] Analyses Windows targets patch levels to find exploits and Metasploit modules, works only for older systems (eg Windows XP, Vista, etc.) because it relies on MS Security KBs Python Free False

Threat Intelligence

Name Website Source Description Programming language Price Online
Maltego [Website] Interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet (exists in Community Edition) Paid False
threatfeeds.io [Website] Open-source threat intelligence feeds; sharing malware URLs, IP reputation, bad IPs, etc. Free True

Vulnerability Assessment

Name Website Source Description Programming language Price Online
cvss-suite [Source] CVSS calculator library Ruby Free False
GVM [Website] [Source] The Greenbone Vulnerability Management (GVM) is a framework of several services: gvmd is the central service that consolidates plain vulnerability scanning into a full vulnerability management solution. The Greenbone Security Assistant (GSA) is the web interface of GVM. The main scanner (OpenVAS) is a full-featured scan engine that executes a continuously updated and extended feed of Network Vulnerability Tests (NVTs). Complementary to the web interface, GVM-Tools allows batch processing / scripting via the Greenbone Management Protocol (GMP). Additional scanners can be integrated via the Open Scanner Protocol (OSP) C Paid False
nvd_feed_api [Website] [Source] A ruby API for NVD CVE feeds management, the library will help you to download and manage NVD Data Feeds, search for CVEs, build your vulerability assesment platform or vulnerability database Ruby Free False
Vuls [Website] [Source] Agentless system vulnerability scanner for Linux/FreeBSD with a dashboard (VulsRepo) for analyzing the scan results Go Free False

Web Application Exploitation

Name Website Source Description Programming language Price Online
Acunetix [Website] Web application security scanner Paid True
Arachni [Website] [Source] Web application security scanner framework Ruby Free False
AssassinGo [Website] [Source] Web pentest framework for information gathering and vulnerability scanning Go Free False
Astra [Website] [Source] REST API penetration testing tool Python Free False
Atlas [Source] Tool that suggests sqlmap tampers to bypass WAF/IDS/IPS based on status codes Python Free False
BaRMIe [Source] Java RMI enumeration and attack tool Java Free False
Blazy [Source] Login page bruteforcer: CSRF, SQLi, Clickjacking, WAF detection Python Free False
Burp Suite [Website] Intercepting proxy to replay, inject, scan and fuzz HTTP requests (a limited free version exists) Java Paid False
Chankro [Source] Tool to bypass disable_functions and open_basedir in PHP by calling sendmail and setting LD_PRELOAD environment variable Python Free False
Charles [Website] Intercepting proxy to replay, inject, scan and fuzz HTTP requests Java Paid False
CloudFrunt [Source] Scanner to identify misconfigured CloudFront domains Python Free False
CMSeek [Source] CMS detection and exploitation suite; capable of detecting more than 130 CMS Python Free False
CMSmap [Source] WordPress, Joomla, Drupal, Moodle CMS security scanner Python Free False
CMSScan [Source] Wordpress, Drupal, Joomla, vBulletin CMS security scanner with dashboard Python Free False
commix [Website] [Source] Web-based command injection tester Python Free False
CSWSH [Website] Cross-Site WebSocket Hijacking Tester Free False
dirb [Website] [Source] Web directory and file scanner (wordlist bruteforce) Free False
dirsearch [Source] Web directory and file scanner (wordlist bruteforce) Python Free False
distributed-jwt-cracker [Website] [Source] HS256 JWT token distributed brute force cracker JavaScript Free False
DotDotPwn [Website] [Source] Directory Traversal fuzzer Perl Free False
dvcs-ripper [Source] Dump web accessible (distributed) version control systems (DVCS/VCS): SVN, GIT, Mercurial/hg, Bazaar/bzr, … Perl Free False
Fingerprinter [Source] CMS version detection tool Ruby Free False
git-dump [Source] Dump the contents of a remote git repository without directory listing enabled JavaScript Free False
GitTools [Source] 3 tools: Finder (find websites with .git repository exposed), Dumper (dump exposed .git), Extractor (extract commits and their content from a broken repository) Shell Free False
Gobuster [Source] Web directory, file and DNS scanner (wordlist bruteforce) Go Free False
Gopherus [Source] Generates gopher link for exploiting SSRF and gaining RCE access from unprotected services Python Free False
Hackbar [Website] Firefox addon to manipulate HTTP requests (not compatible with Quantum) Free False
Hookbin [Website] [Source] HTTP request collector and inspector Java Free True
HUNT [Source] HUNT Suite is a collection of Burp Suite Pro/Free and OWASP ZAP extensions Python Free True
IronWASP [Website] [Source] Web security/vulnerability scanner (native for Windows only) C Free False
JWT cracker [Source] Multi-threaded JWT brute-force cracker C Free False
jwt-cracker [Website] [Source] HS256 JWT token brute force cracker JavaScript Free False
jwt_tool [Source] A toolkit for validating, forging and cracking JWT tokens Python Free False
jwtcat [Source] JWT brute-force cracker Python Free False
LFI Freak [Source] LFI scan and exploit tool Python Free False
LFI Suite [Source] Automatic LFI scanner and exploiter Python Free False
LightBulb [Website] [Source] Framework for auditing web application firewalls and filters Python Free False
Kadimus [Source] LFI, RFI, RCE scanner C Free False
Malzilla [Website] [Source] Web oriented deobfuscating tool Free False
Mockbin [Website] [Source] HTTP request collector and inspector JavaScript Free True
Netsparker [Website] Web application security scanner Paid True
nikto [Website] [Source] Very light web security scanner Perl Free False
NoSQLMap [Source] Automated NoSQL database enumeration and web application exploitation tool Python Free False
Nosql-Exploitation-Framework [Source] NoSQL scanning and exploitation framework Python Free False
OWASP JoomScan [Source] Joomla vulnerability scanner Perl Free False
OWASP ZAP [Website] [Source] OWASP Zed Attack Proxy, intercepting proxy to replay, inject, scan and fuzz HTTP requests Java Free False
Panoptic [Website] [Source] Automatic LFI and Path Traversal exploitation tool Python Free False
Paros [Source] Intercepting proxy to replay, inject, scan and fuzz HTTP requests Java Free False
PHPGGC [Source] PHP Generic Gadget Chains, library of unserialize() payloads along with a tool to generate them, supporting various PHP frameworks PHP Free False
Portswigger Labs Inspector [Website] Javascript expression evaluator and inspector JavaScript Free True
PowerUpSQL [Source] Toolkit for attacking MS SQL Server, discovery, configuration auditing, privilege escalation, post exploitation Powershell Free False
Rabid [Website] [Source] CLI tool and library allowing to simply decode all kind of BigIP cookies Ruby Free True
RequestBin [Website] [Source] HTTP request collector and inspector Python Free True
Simple Local File Inclusion Exploiter [Website] [Source] LFI exploit tool Python Free False
Sitadel [Source] Web application security scanner, rewrite and newer version of WAScan Python Free False
SleuthQL [Source] Tool that parses Burp history to discover potential SQL injection points and prepare SQLmap request files Python Free False
snallygaster [Source] Web scanner that looks for files accessible on web servers that shouldn't be public Python Free False
sqlmap [Website] [Source] Automatic SQL injection tool Python Free False
SQLiv [Source] SQL injection scanner, find vulnerable entry points Python Free False
SSLyze [Source] SSL analysis library and a CLI tools Python Free False
SSRF Proxy [Source] Facilitates tunneling HTTP communications through servers vulnerable to SSRF Ruby Free False
SSRFmap [Source] Automatic SSRF fuzzer and exploitation tool Python Free False
testssl.sh [Website] [Source] TLS/SSL scanner to find weak cipherss, protocols or flaws Shell Free False
TIDoS Framework [Source] Comprehensive web-app audit framework Python Free False
Tracy [Source] Tool that help to manually find XSS Go Free False
Uniscan [Source] RFI, LFi and RCE scanner Perl Free False
V3n0M [Source] Web dork and vulnerability scanner Python Free False
Vega [Website] [Source] Multi-platform web scanner and intercepting proxy Java Free False
VOOKI [Website] Windows only web application and REST API vulnerability scanner Free False
w3af [Website] [Source] Web application attack and audit framework, web-oriented security scanner Python Free False
wapiti [Website] [Source] Web-oriented vulnerability scanner, can generates reports Free False
WAScan [Source] Web application security scanner Python Free False
Webhook Tester [Website] [Source] HTTP request collector and inspector PHP Free True
Weevely [Source] Web shell for post-exploitation working with a PHP agent Python Free False
WPScan [Website] [Source] WordPress CMS vulnerability scanner Ruby Free True
Wfuzz [Website] [Source] Web application fuzzer framework Python Free False
What CMS [Website] Service able to detect more than 430 CMS, find version used for some CMS, has an API for batch detection Free True
wikto [Source] Nikto for Windows; web security scanner CSharp Free False
WS-Attacker [Source] Modular framework for SOAP web services penetration testing Java Free False
WSFuzzer [Website] [Source] Fuzzing penetration testing tool for testing HTTP SOAP based web services Python Free False
WSSAT [Website] [Source] Web Service Security Assessment Tool; WS, REST API, SOAP API dynamic scanner CSharp Free False
XAttacker [Source] CMS detection and exploitation suite Perl Free False
Xenotix [Website] [Source] XSS detection and exploit framework (Windows only) Python Free False
XSS'OR [Website] [Source] Multi-purpose tool for XSS or JavaScript analysis JavaScript Free True
XSS'OR 2 [Website] [Source] Multi-purpose tool for XSS or JavaScript analysis JavaScript Free True
XSSCon [Source] XSS automatic scanner Python Free False
XSSer [Website] [Source] XSS automatic scanner and exploiter Python Free False
XSStrike [Source] XSS detection tool, parser, payload generator, fuzzing engine, crawler Python Free False
xxxpwn [Source] XPath injection tool, designed for blind injection Python Free False
xxxpwn_smart [Source] XPath injection tool, fork of xxxpwn adding further optimizations and tweaks, uses predictive text based on a dictionary of words/phrases vs frequencies of occurrence Python Free False

Wireless

Name Website Source Description Programming language Price Online
Aircrack-Ng [Website] [Source] Suite of tools to assess WiFi network security (cracking WEP and WPA PSK) C Free False
BtleJack [Source] Bluetooth Low Energy Swiss-army knife Python Free False
Crunch-Cracker [Source] Wordlist generator and Wi-Fi cracker Shell Free False
Fluxion [Website] [Source] MITM WPA attack tool Shell Free False
FruityWiFi [Source] Wireless network auditing tool controlled by a web interface PHP Free False
Hijacker [Source] Android GUI for Aircrack, Airodump, Aireplay, MDK3 and Reaver Java Free False
Infernal-Wireless [Source] Automated wireless hacking tool Python Free False
MDK3-master [Source] PoC tool to exploit common IEEE 802.11 protocol weaknesses C Free False
MDK4 [Source] PoC tool to exploit common IEEE 802.11 protocol weaknesses C Free False
Modmobjam [Source] Cellular networks jamming PoC for mobile equipments Python Free False
Modmobmap [Source] Tool to retrieve information of cellular networks Python Free False
reaver-wps [Source] Bruteforce WPS tool C Free False
reaver-wps (t6x fork) [Source] Bruteforce WPS tool C Free False
trackerjacker [Source] Tool for mapping and tacking wifi networks and devices through raw 802.11 monitoring Python Free False
Wifi-Biter [Source] Dictionary generator used to generate dictionaries/wordlist for Wireless Router Passwords Python Free False
wifijammer [Source] Script to jam wifi clients and access points Python Free False
wifite2 [Source] Script for auditing wireless networks that runs existing wireless-auditing tools Python Free False