-
-
Notifications
You must be signed in to change notification settings - Fork 286
# Hacking Tools Wiki
Welcome to the Hacking-Tools repository by YogSec. This repository is a curated collection of penetration testing and ethical hacking tools, categorized for ease of access. These tools aid in information gathering, exploitation, vulnerability analysis, and more.
- [Introduction](#introduction)
- [Categories](#categories)
- [Information Gathering](#information-gathering)
- [Vulnerability Analysis](#vulnerability-analysis)
- [Exploitation Tools](#exploitation-tools)
- [Wireless Attacks](#wireless-attacks)
- [Forensics Tools](#forensics-tools)
- [Stress Testing](#stress-testing)
- [Sniffing & Spoofing](#sniffing--spoofing)
- [Password Attacks](#password-attacks)
- [Web Application Analysis](#web-application-analysis)
- [Reverse Engineering](#reverse-engineering)
- [Reporting Tools](#reporting-tools)
- [Social Engineering Tools](#social-engineering-tools)
- [Miscellaneous](#miscellaneous)
- [Contributing](#contributing)
- [License](#license)
- [Disclaimer](#disclaimer)
This wiki serves as a documentation hub for ethical hacking and penetration testing tools. Each category contains widely used open-source and commercial tools that help security professionals in their assessments.
- Nmap – Network scanning and mapping.
- Kismet – Wireless network detector and sniffer.
- Maltego – OSINT and data mining.
- theHarvester – Collect emails, subdomains, and more.
- Recon-ng – Web reconnaissance framework.
- Amass – Network mapping and asset discovery.
- Shodan – Search engine for internet-connected devices.
- WHOIS – Domain registration lookup.
- OSINT Framework – OSINT tools collection.
- OpenVAS – Open-source vulnerability scanner.
- Nessus – Commercial vulnerability scanner.
- Nikto – Web server vulnerability scanner.
- Wapiti – Web security scanner.
- SQLmap – Automated SQL injection tool.
- OWASP ZAP – Web application security scanner.
- Retire.js – JavaScript vulnerability scanner.
- Dependency-Check – Analyzes project dependencies for vulnerabilities.
- Metasploit Framework – Exploit development framework.
- Armitage – GUI for Metasploit.
- BeEF – Browser exploitation framework.
- ExploitDB – Archive of exploits.
- SearchSploit – Offline exploit search tool.
- Commix – Automated command injection scanner.
- RouterSploit – Router and IoT exploit framework.
- Social Engineering Toolkit (SET) – Phishing and payload-based attacks.
- Empire – PowerShell post-exploitation framework.
- Aircrack-ng – WiFi cracking suite.
- Reaver – WPS attack tool.
- Fern WiFi Cracker – Wireless auditing tool.
- Wifite – Automated WiFi attack tool.
- Wifiphisher – Phishing-based WiFi attacks.
- Wi-Fi Pineapple – Wireless attack platform.
- Cowpatty – WPA2 cracking tool.
- Autopsy – Digital forensics platform.
- Volatility – Memory forensics framework.
- Binwalk – Firmware analysis.
- ExifTool – Extract metadata from files.
- TestDisk – Partition recovery tool.
- PhotoRec – File recovery tool.
- YARA – Malware pattern-matching tool.
- NetworkMiner – Passive network packet analysis.
- Slowloris – HTTP DoS tool.
- LOIC – Low Orbit Ion Cannon.
- HULK – HTTP flood tool.
- GoldenEye – Denial-of-service testing tool.
- Xerxes – Powerful DoS tool.
- Wireshark – Network packet analyzer.
- Ettercap – MITM attack framework.
- Bettercap – Network attack and monitoring tool.
- Responder – LLMNR, NBT-NS, and MDNS poisoning tool.
- dsniff – Collection of network monitoring and attack tools.
- MITMf – Man-in-the-middle attack framework.
- John the Ripper – Password cracking tool.
- Hashcat – Advanced password recovery tool.
- Hydra – Brute force login cracker.
- Cain & Abel – Password recovery and cracking tool.
- CeWL – Custom wordlist generator.
- RainbowCrack – Hash cracking using rainbow tables.
- Burp Suite – Web security testing tool.
- Nikto – Web vulnerability scanner.
- WPScan – WordPress security scanner.
- WhatWeb – Web application fingerprinting.
- CMSmap – CMS vulnerability scanner.
- Sublist3r – Subdomain enumeration tool.
- Ghidra – NSA's reverse engineering tool.
- Radare2 – Open-source reverse engineering framework.
- OllyDbg – Windows debugger.
- IDA Pro – Advanced disassembler.
- Binary Ninja – Reverse engineering platform.
- Frida – Dynamic instrumentation toolkit.
- Dradis – Information sharing framework.
- Faraday – Collaborative pen-testing platform.
- MagicTree – Data analysis and reporting tool.
- Serpico – Automated reporting tool.
- Social Engineering Toolkit (SET) – Phishing, credential harvesting.
- BeEF – Exploiting browser vulnerabilities.
- Evilginx2 – Advanced phishing framework.
- TheFatRat – Malware and payload generator.
- Unicorn – PowerShell payload generator.
- MSFvenom – Payload generation tool.
- Mimikatz – Credential dumping tool.
Contributions are welcome! If you want to add new tools or improve existing documentation, feel free to submit a pull request or open an issue.
This repository is licensed under the MIT License.
This repository is intended for educational and ethical security testing purposes only. The author and contributors are not responsible for any misuse of these tools.