-
Notifications
You must be signed in to change notification settings - Fork 1
tools list
David Van Mosselbeen edited this page Dec 8, 2021
·
10 revisions
| Application | Description |
|---|---|
| hydra | very fast network logon cracker |
| hydra-gtk | very fast network logon cracker - GTK+ based GUI |
| john | active password cracking tool |
| johnny | GUI for John the Ripper |
| wpscan | Black box WordPress vulnerability scanner |
| joomscan | OWASP Joomla Vulnerability Scanner Project |
| Application | Description |
|---|---|
| nmap | The Network Mapper |
| rustscan | The Modern Port Scanner |
| zenmap-kbx | The Network Mapper Front End (GUI for nmap. the binary is called zenmap) |
| nmapsi4 | graphical interface to nmap, the network scanner |
| netdiscover | active/passive network address scanner using ARP requests |
| fierce | Domain DNS scanner |
| Application | Description |
|---|---|
| gobuster | Directory/file & DNS busting tool written in Go |
| dirb | URL bruteforcing tool |
| dirbuster | Web server directory brute-forcer |
| nikto | web server security scanner |
| wpscan | Black box WordPress vulnerability scanner |
| wapiti | web application vulnerability scanner |
| Application | Description |
|---|---|
| enum4linux | Enumerates info from Windows and Samba systems |
| Application | Description |
|---|---|
| Nessus | Needs to be downloaded from their website |
| pompem | Exploit and Vulnerability Finder |
Tools to analyse the system.
| Application | Description |
|---|---|
| Sysinternals | A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. |
| Process Hacker | |
| Process Explorer | |
| Windows-Exploit-Suggester | This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins. |
| winPEAS | Windows Privilege Escalation Awesome Scripts |
| Application | Description |
|---|---|
| CherryTree | |
| OneNote | |
| Joplin |
| Application | Description |
|---|---|
| MimikatzMimikatz | |
| linPEAS | Linux Privilege Escalation Awesome Script |
| pspy | unprivileged Linux process snooping |
| LinEnum | Scripted Local Linux Enumeration & Privilege Escalation Checks |
| LSE | Linux enumeration tools for pentesting and CTFs |
| PowerUp.ps1 | PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations. |
| shellgen | Reverse and webshell Python script that generated different shells. TOP! NOTE: There are different version going around! |
| pwncat | pwncat is a post-exploitation platform |
Peace & Love © All Rights Reserved on that
- Information Gathering
- Exploiting
- Post Exploitation on Linux
-
Post Exploitation on Windows
-
Information Gathering
- System
- Network
- User Accounts
- Obtain user's information
- Credentials
- Configs
- Finding Important Files
- Other Utilities
-
Covering Your Tracks
- Avoiding history filesmys
- Deleting and Destroying
- Escalating
- Delivery methods
-
Maintaining Control
- Windows Startup folder
- With the registry
- Using BITS
- Reverse Shell
- Execute a Remote Script
- Powershell Cheat Sheet
- Resources
-
Information Gathering
- Web Application Attacks
- Tools List
-
Securing - Hardening
- Awareness
- Network
- Web Server
- SSH Server
- FTP Server
- Hardening Tools and Tips
- GPG Keys
- Not Sorted Yet
- About
- Resources