cyber-security-resources/more_tools.md

308 lines
52 KiB
Markdown
Raw Normal View History

2019-06-11 17:34:08 -04:00
# Latest Cool Tools
The following are a collection of recently-released pen test tools. I update this list every time that there is a new post and when I find a new one around the Internet. The rest of the repository has hundreds of additional cybersecurity and pen test tools.
----
- [GhostDelivery - This Tool Creates A Obfuscated .vbs Script To Download A Payload Hosted On A Server To %TEMP% Directory, Execute Payload And Gain Persistence](http://feedproxy.google.com/~r/PentestTools/~3/oWV8asKvS20/ghostdelivery-this-tool-creates.html)
- [ReverseTCPShell - PowerShell ReverseTCP Shell, Client & Server](http://feedproxy.google.com/~r/PentestTools/~3/pWymKYDrZz8/reversetcpshell-powershell-reversetcp.html)
- [ripVT - Virus Total API Maltego Transform Set For Canari](http://feedproxy.google.com/~r/PentestTools/~3/n4rLmMXJVa4/ripvt-virus-total-api-maltego-transform.html)
- [Vulners Scanner for Android - Passive Vulnerability Scanning Based On Software Version Fingerprint](http://feedproxy.google.com/~r/PentestTools/~3/jjXLZCER0Bk/vulners-scanner-for-android-passive.html)
- [ANDRAX v3 - The First And Unique Penetration Testing Platform For Android Smartphones](http://feedproxy.google.com/~r/PentestTools/~3/3jIpU7zeiJg/andrax-v3-first-and-unique-penetration.html)
- [PcapXray v2.5 - A Network Forensics Tool To Visualize A Packet Capture Offline As A Network Diagram](http://feedproxy.google.com/~r/PentestTools/~3/EbsP_Xce8HA/pcapxray-v25-network-forensics-tool-to.html)
- [Python-Iocextract - Advanced Indicator Of Compromise (IOC) Extractor](http://feedproxy.google.com/~r/PentestTools/~3/FJzGewoG5dE/python-iocextract-advanced-indicator-of.html)
- [Vthunting - A Tiny Script Used To Generate Report About VirusTotal Hunting And Send It By Email, Slack Or Telegram](http://feedproxy.google.com/~r/PentestTools/~3/oKh1run6pi8/vthunting-tiny-script-used-to-generate.html)
- [Facebash - Facebook Brute Forcer In Shellscript Using TOR](http://feedproxy.google.com/~r/PentestTools/~3/f3cso_9atWo/facebash-facebook-brute-forcer-in.html)
- [Finshir - A Coroutines-Driven Low And Slow Traffic Sender, Written In Rust](http://feedproxy.google.com/~r/PentestTools/~3/Wj-iLgszhts/finshir-coroutines-driven-low-and-slow.html)
- [autoPwn - Automate Repetitive Tasks For Fuzzing](http://feedproxy.google.com/~r/PentestTools/~3/LtbIQEba06g/autopwn-automate-repetitive-tasks-for.html)
- [Metabigor - Command Line Search Engines Without Any API Key](http://feedproxy.google.com/~r/PentestTools/~3/bwTS0tOubeM/metabigor-command-line-search-engines.html)
- [Userrecon-Py - Find Usernames In Social Networks](http://feedproxy.google.com/~r/PentestTools/~3/XDi8ASQbqK0/userrecon-py-find-usernames-in-social.html)
- [Amass - In-depth DNS Enumeration And Network Mapping](http://feedproxy.google.com/~r/PentestTools/~3/CU7t9RWRUVE/amass-in-depth-dns-enumeration-and.html)
- [Wpbullet - A Static Code Analysis For WordPress (And PHP)](http://feedproxy.google.com/~r/PentestTools/~3/BNNWMh0ROZI/wpbullet-static-code-analysis-for.html)
- [PhoneSploit - Using Open Adb Ports We Can Exploit A Devive](http://feedproxy.google.com/~r/PentestTools/~3/tEZLuU4Lcu4/phonesploit-using-open-adb-ports-we-can.html)
- [Kubolt - Utility For Scanning Public Kubernetes Clusters](http://feedproxy.google.com/~r/PentestTools/~3/snT7GJXlPRw/kubolt-utility-for-scanning-public.html)
- [Brutality - A Fuzzer For Any GET Entries](http://feedproxy.google.com/~r/PentestTools/~3/gVy5j3AqjzQ/brutality-fuzzer-for-any-get-entries.html)
- [P4wnP1 A.L.O.A. - Framework Which Turns A Rapsberry Pi Zero W Into A Flexible, Low-Cost Platform For Pentesting, Red Teaming And Physical Engagements](http://feedproxy.google.com/~r/PentestTools/~3/igwQvhbsl94/p4wnp1-aloa-framework-which-turns.html)
- [Sniffglue - Secure Multithreaded Packet Sniffer](http://feedproxy.google.com/~r/PentestTools/~3/MRP1DzlWgw4/sniffglue-secure-multithreaded-packet.html)
- [H2Buster - A Threaded, Recursive, Web Directory Brute-Force Scanner Over HTTP/2](http://feedproxy.google.com/~r/PentestTools/~3/-lNZG_fmj9M/h2buster-threaded-recursive-web.html)
- [CMSeeK v1.1.2 - CMS Detection And Exploitation Suite - Scan WordPress, Joomla, Drupal And Over 170 Other CMSs](http://feedproxy.google.com/~r/PentestTools/~3/uWJhOXaPcsE/cmseek-v112-cms-detection-and.html)
- [SSHD-Poison - A Tool To Get Creds Of Pam Based SSHD Authentication](http://feedproxy.google.com/~r/PentestTools/~3/A-jI5JynwFg/sshd-poison-tool-to-get-creds-of-pam.html)
- [HiddenWall - Linux Kernel Module Generator For Custom Rules With Netfilter (Block Ports, Hidden Mode, Rootkit Functions, Etc)](http://feedproxy.google.com/~r/PentestTools/~3/0hUZUgb6bck/hiddenwall-linux-kernel-module.html)
- [IPFinder CLI - The Official Command Line Client For IPFinder](http://feedproxy.google.com/~r/PentestTools/~3/U-_QsxsfhhU/ipfinder-cli-official-command-line.html)
- [VulnX - CMS And Vulnerabilites Detector And An Intelligent Auto Shell Injector](http://feedproxy.google.com/~r/PentestTools/~3/ARM75rpuTUo/vulnx-cms-and-vulnerabilites-detector.html)
- [TeleShadow v3 - Telegram Desktop Session Stealer (Windows)](http://feedproxy.google.com/~r/PentestTools/~3/oqLotdLySeI/teleshadow-v3-telegram-desktop-session.html)
- [Crosslinked - LinkedIn Enumeration Tool To Extract Valid Employee Names From An Organization Through Search Engine Scraping](http://feedproxy.google.com/~r/PentestTools/~3/_QTluYAcJxg/crosslinked-linkedin-enumeration-tool.html)
- [Graffiti - A Tool To Generate Obfuscated One Liners To Aid In Penetration Testing](http://feedproxy.google.com/~r/PentestTools/~3/4mCLQQpiWHw/graffiti-tool-to-generate-obfuscated.html)
- [Kali Linux 2019.2 Release - Penetration Testing and Ethical Hacking Linux Distribution](http://feedproxy.google.com/~r/PentestTools/~3/62Wl1MOvd94/kali-linux-20192-release-penetration.html)
- [Versionscan - A PHP Version Scanner For Reporting Possible Vulnerabilities](http://feedproxy.google.com/~r/PentestTools/~3/AB7R5aHma34/versionscan-php-version-scanner-for.html)
- [XSSCon - Simple XSS Scanner Tool](http://feedproxy.google.com/~r/PentestTools/~3/7yTza_ZfCho/xsscon-simple-xss-scanner-tool.html)
- [Hydra 9.0 - Fast and Flexible Network Login Hacker](http://feedproxy.google.com/~r/PentestTools/~3/r4DjFhzT69U/hydra-90-fast-and-flexible-network.html)
- [Flashsploit - Exploitation Framework For ATtiny85 Based HID Attacks](http://feedproxy.google.com/~r/PentestTools/~3/lPG04RLt5rk/flashsploit-exploitation-framework-for.html)
- [Scavenger - Crawler Searching For Credential Leaks On Different Paste Sites](http://feedproxy.google.com/~r/PentestTools/~3/TibOQ-WmQVE/scavenger-crawler-searching-for.html)
- [OSIF - Open Source Information Facebook](http://feedproxy.google.com/~r/PentestTools/~3/kYJPsFZc8UQ/osif-open-source-information-facebook.html)
- [Bandit - Tool Designed To Find Common Security Issues In Python Code](http://feedproxy.google.com/~r/PentestTools/~3/wb0Wk6QXXFo/bandit-tool-designed-to-find-common.html)
- [Brutemap - Tool That Automates Testing Accounts To The Site's Login Page](http://feedproxy.google.com/~r/PentestTools/~3/HEi_Ynm05Wg/brutemap-tool-that-automates-testing.html)
- [Acunetix Vulnerability Scanner Now With Network Security Scans](http://feedproxy.google.com/~r/PentestTools/~3/dHIr1QsVQYw/acunetix-vulnerability-scanner-now-with.html)
- [Project iKy - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface](http://feedproxy.google.com/~r/PentestTools/~3/Z24DwjUEpe4/project-iky-tool-that-collects.html)
- [Miteru - An Experimental Phishing Kit Detection Tool](http://feedproxy.google.com/~r/PentestTools/~3/T974-FHaask/miteru-experimental-phishing-kit.html)
- [SecurityRAT - Tool For Handling Security Requirements In Development](http://feedproxy.google.com/~r/PentestTools/~3/oMEzMUP6-CI/securityrat-tool-for-handling-security.html)
- [JWT Tool - A Toolkit For Testing, Tweaking And Cracking JSON Web Tokens](http://feedproxy.google.com/~r/PentestTools/~3/ZlIcP20eZRs/jwt-tool-toolkit-for-testing-tweaking.html)
- [Trigmap - A Wrapper For Nmap To Automate The Pentest](http://feedproxy.google.com/~r/PentestTools/~3/4v03LmjMcd4/trigmap-wrapper-for-nmap-to-automate.html)
- [Machinae v1.4.8 - Security Intelligence Collector](http://feedproxy.google.com/~r/PentestTools/~3/M0K8gqllktU/machinae-v148-security-intelligence.html)
- [WAFW00F v1.0.0 - Detect All The Web Application Firewall!](http://feedproxy.google.com/~r/PentestTools/~3/MQijesVOTIE/wafw00f-v100-detect-all-web-application.html)
- [Horn3t - Powerful Visual Subdomain Enumeration At The Click Of A Mouse](http://feedproxy.google.com/~r/PentestTools/~3/d2tUUrP62WU/horn3t-powerful-visual-subdomain.html)
- [Pacbot - Platform For Continuous Compliance Monitoring, Compliance Reporting And Security Automation For The Cloud](http://feedproxy.google.com/~r/PentestTools/~3/Rlt5JK-83Dc/pacbot-platform-for-continuous.html)
- [Findomain - A Cross-Platform Tool That Use Certificate Transparency Logs To Find Subdomains](http://feedproxy.google.com/~r/PentestTools/~3/wXgn5VWk6SU/findomain-cross-platform-tool-that-use.html)
- [Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts](http://feedproxy.google.com/~r/PentestTools/~3/IoUOymJezTw/sn1per-v70-automated-pentest-framework.html)
- [PAnalizer - Pornography Analizer And Face Searching](http://feedproxy.google.com/~r/PentestTools/~3/DrTqYWvAK1Q/panalizer-pornography-analizer-and-face.html)
- [FinalRecon - OSINT Tool For All-In-One Web Reconnaissance](http://feedproxy.google.com/~r/PentestTools/~3/SUc3j_Jc96w/finalrecon-osint-tool-for-all-in-one.html)
- [iCULeak - Tool To Find And Extract Credentials From Phone Configuration Files Hosted On Cisco CUCM](http://feedproxy.google.com/~r/PentestTools/~3/1QY0SIyYtbU/iculeak-tool-to-find-and-extract.html)
- [DumpTheGit - Searches Through Public Repositories To Find Sensitive Information Uploaded To The Github Repositories](http://feedproxy.google.com/~r/PentestTools/~3/kTA1D58El0U/dumpthegit-searches-through-public.html)
- [Vulmap - Online Local Vulnerability Scanners Project](http://feedproxy.google.com/~r/PentestTools/~3/7lKQQIWQGJk/vulmap-online-local-vulnerability.html)
- [AutoSource - Automated Source Code Review Framework Integrated With SonarQube](http://feedproxy.google.com/~r/PentestTools/~3/alJwKx_iHdQ/autosource-automated-source-code-review.html)
- [Kerbrute - A Tool To Perform Kerberos Pre-Auth Bruteforcing](http://feedproxy.google.com/~r/PentestTools/~3/IAxyISi4bAc/kerbrute-tool-to-perform-kerberos-pre.html)
- [Hackuna - The First Mobile App to Track Hackers](http://feedproxy.google.com/~r/PentestTools/~3/DMmt1Y2sd_A/hackuna-first-mobile-app-to-track.html)
- [Joy - A Package For Capturing And Analyzing Network Flow Data And Intraflow Data, For Network Research, Forensics, And Security Monitoring](http://feedproxy.google.com/~r/PentestTools/~3/Hnc6J2MxuZg/joy-package-for-capturing-and-analyzing.html)
- [Kostebek - Reconnaissance Tool Which Uses Firms Trademark Information To Discover Their Domains](http://feedproxy.google.com/~r/PentestTools/~3/uTvabW9syZ4/kostebek-reconnaissance-tool-which-uses.html)
- [Termshark - A Terminal UI For Tshark, Inspired By Wireshark](http://feedproxy.google.com/~r/PentestTools/~3/IT3zoOGfD70/termshark-terminal-ui-for-tshark.html)
- [PeekABoo - Tool To Enable Remote Desktop On The Targeted Machine](http://feedproxy.google.com/~r/PentestTools/~3/pKwJLmFuw_Y/peekaboo-tool-to-enable-remote-desktop.html)
- [10Minutemail - Python Temporary Email](http://feedproxy.google.com/~r/PentestTools/~3/6P5wkV_3yTU/10minutemail-python-temporary-email.html)
- [BruteDum - Brute Force Attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC With Hydra, Medusa And Ncrack](http://feedproxy.google.com/~r/PentestTools/~3/3Z-_-kI5aD8/brutedum-brute-force-attacks-ssh-ftp.html)
- [Cynet Free IR Tool Offering Empowers Responders to Know and Act Against Active Attacks](http://feedproxy.google.com/~r/PentestTools/~3/4Q01gW4bYSs/cynet-free-ir-tool-offering-empowers.html)
- [CQTools - The New Ultimate Windows Hacking Toolkit](http://feedproxy.google.com/~r/PentestTools/~3/jwnMIPJ7f80/cqtools-new-ultimate-windows-hacking.html)
- [ExtAnalysis - Browser Extension Analysis Framework](http://feedproxy.google.com/~r/PentestTools/~3/_R9KNS4iKCY/extanalysis-browser-extension-analysis.html)
- [QRGen - Simple Script For Generating Malformed QRCodes](http://feedproxy.google.com/~r/PentestTools/~3/l5Kg34GFbeY/qrgen-simple-script-for-generating.html)
- [ReconT - Reconnaisance / Footprinting / Information Disclosure](http://feedproxy.google.com/~r/PentestTools/~3/cODwkrYCciM/recont-reconnaisance-footprinting.html)
- [Bashter - Web Crawler, Scanner, And Analyzer Framework](http://feedproxy.google.com/~r/PentestTools/~3/SioxR4luedw/bashter-web-crawler-scanner-and.html)
- [Adidnsdump - Active Directory Integrated DNS Dumping By Any Authenticated User](http://feedproxy.google.com/~r/PentestTools/~3/8FXqJbJc7lY/adidnsdump-active-directory-integrated.html)
- [Twint - An Advanced Twitter Scraping And OSINT Tool](http://feedproxy.google.com/~r/PentestTools/~3/Z6GYaIPVXh8/twint-advanced-twitter-scraping-and.html)
- [HostHunter - A Recon Tool For Discovering Hostnames Using OSINT Techniques](http://feedproxy.google.com/~r/PentestTools/~3/QiCNKN5VS74/hosthunter-recon-tool-for-discovering.html)
- [Flerken - Obfuscated Command Detection Tool](http://feedproxy.google.com/~r/PentestTools/~3/XuqcFjTq6S8/flerken-obfuscated-command-detection.html)
- [ScanQLi - Scanner To Detect SQL Injection Vulnerabilities](http://feedproxy.google.com/~r/PentestTools/~3/wgueXGutErU/scanqli-scanner-to-detect-sql-injection.html)
- [OSINT-Search - Useful For Digital Forensics Investigations Or Initial Black-Box Pentest Footprinting](http://feedproxy.google.com/~r/PentestTools/~3/D1r1ulQ7KTw/osint-search-useful-for-digital.html)
- [Parrot Security 4.6 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind](http://feedproxy.google.com/~r/PentestTools/~3/s2FArN4t_3o/parrot-security-46-security-gnulinux.html)
- [Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents](http://feedproxy.google.com/~r/PentestTools/~3/LSMeO4LPR0I/evil-clippy-cross-platform-assistant.html)
- [ParamPamPam - Brute Force Discover GET And POST Parameters](http://feedproxy.google.com/~r/PentestTools/~3/Wthy0oeZHOE/parampampam-brute-force-discover-get.html)
- [Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning](http://feedproxy.google.com/~r/PentestTools/~3/62_7K6wE8Hk/osmedeus-fully-automated-offensive_27.html)
- [Okadminfinder3 - Admin Panel Finder / Admin Login Page Finder](http://feedproxy.google.com/~r/PentestTools/~3/JYs9BE78JWg/okadminfinder3-admin-panel-finder-admin.html)
- [Cutter - Free And Open-Source GUI For Radare2 Reverse Engineering Framework](http://feedproxy.google.com/~r/PentestTools/~3/tox-LUVg8Io/cutter-free-and-open-source-gui-for.html)
- [NAXSI - An Open-Source, High Performance, Low Rules Maintenance WAF For NGINX](http://feedproxy.google.com/~r/PentestTools/~3/A8ZGsbVEM_o/naxsi-open-source-high-performance-low.html)
- [Raptor WAF v0.6 - Web Application Firewall using DFA](http://feedproxy.google.com/~r/PentestTools/~3/BA5LLiXZBVI/raptor-waf-v06-web-application-firewall.html)
- [FTPBruter - A FTP Server Brute Forcing Tool](http://feedproxy.google.com/~r/PentestTools/~3/hudxodR8GrU/ftpbruter-ftp-server-brute-forcing-tool.html)
- [Freddy - Automatically Identify Deserialisation Issues In Java And .NET Applications By Using Active And Passive Scans](http://feedproxy.google.com/~r/PentestTools/~3/9_sH_VhkADw/freddy-automatically-identify.html)
- [Findomain - A Tool That Use Certificate Transparency Logs To Find Subdomains](http://feedproxy.google.com/~r/PentestTools/~3/nZr4C2pqs0Q/findomain-tool-that-use-certificate.html)
- [Anevicon - A High-Performant UDP-based Load Generator](http://feedproxy.google.com/~r/PentestTools/~3/5XmXet0TlPs/anevicon-high-performant-udp-based-load.html)
- [Reverie - Automated Pentest Tools Designed For Parrot Linux](http://feedproxy.google.com/~r/PentestTools/~3/I5j5E3B9o2w/reverie-automated-pentest-tools.html)
- [EasySploit - Metasploit Automation (EASIER And FASTER Than EVER)](http://feedproxy.google.com/~r/PentestTools/~3/fAldiqcnlVY/easysploit-metasploit-automation-easier.html)
- [PyWhatCMS - Unofficial WhatCMS API Package](http://feedproxy.google.com/~r/PentestTools/~3/MipV-mhuXs0/pywhatcms-unofficial-whatcms-api-package.html)
- [Kubebot - A Security Testing Slackbot Built With A Kubernetes Backend On The Google Cloud Platform](http://feedproxy.google.com/~r/PentestTools/~3/9kvKVdDoeDg/kubebot-security-testing-slackbot-built.html)
- [drAFL - AFL + DynamoRIO = Fuzzing Binaries With No Source Code On Linux](http://feedproxy.google.com/~r/PentestTools/~3/hOVJOVPf6mg/drafl-afl-dynamorio-fuzzing-binaries.html)
- [Ttyd - Share Your Terminal Over The Web](http://feedproxy.google.com/~r/PentestTools/~3/bMyoKJQqRUI/ttyd-share-your-terminal-over-web.html)
- [mongoBuster - Hunt Open MongoDB Instances](http://feedproxy.google.com/~r/PentestTools/~3/SZ1n92RVaTc/mongobuster-hunt-open-mongodb-instances.html)
- [Parameth - This Tool Can Be Used To Brute Discover GET And POST Parameters](http://feedproxy.google.com/~r/PentestTools/~3/E2J6ATzXZjw/parameth-this-tool-can-be-used-to-brute.html)
- [EfiGuard - Disable PatchGuard And DSE At Boot Time](http://feedproxy.google.com/~r/PentestTools/~3/Er2ka-d-TW4/efiguard-disable-patchguard-and-dse-at.html)
- [fireELF - Fileless Linux Malware Framework](http://feedproxy.google.com/~r/PentestTools/~3/nkiWxHsqM50/fireelf-fileless-linux-malware-framework.html)
- [FLASHMINGO - Automatic Analysis Of SWF Files Based On Some Heuristics](http://feedproxy.google.com/~r/PentestTools/~3/ACw-482_MOc/flashmingo-automatic-analysis-of-swf.html)
- [Platypus - A Modern Multiple Reverse Shell Sessions Manager Written In Go](http://feedproxy.google.com/~r/PentestTools/~3/30pzbSTJjXw/platypus-modern-multiple-reverse-shell.html)
- [SilkETW - Flexible C# Wrapper For ETW (Event Tracing for Windows)](http://feedproxy.google.com/~r/PentestTools/~3/BJmvoNfqSg4/silketw-flexible-c-wrapper-for-etw.html)
- [Instantbox - Get A Clean, Ready-To-Go Linux Box In Seconds](http://feedproxy.google.com/~r/PentestTools/~3/fZlkpiyYgzM/instantbox-get-clean-ready-to-go-linux.html)
- [Pepe - Collect Information About Email Addresses From Pastebin](http://feedproxy.google.com/~r/PentestTools/~3/UWHcybSkf3A/pepe-collect-information-about-email.html)
- [W12Scan - A Simple Asset Discovery Engine For Cybersecurity](http://feedproxy.google.com/~r/PentestTools/~3/8ngOdmcdmkU/w12scan-simple-asset-discovery-engine.html)
- [Instainsane - Multi-threaded Instagram Brute Forcer](http://feedproxy.google.com/~r/PentestTools/~3/n2J8ihzAvxI/instainsane-multi-threaded-instagram.html)
- [Zeebsploit - Web Scanner / Exploitation / Information Gathering](http://feedproxy.google.com/~r/PentestTools/~3/9xaMRbIv1Dk/zeebsploit-web-scanner-exploitation.html)
- [TeleKiller - A Tool Session Hijacking And Stealer Local Passcode Telegram Windows](http://feedproxy.google.com/~r/PentestTools/~3/8Mcn9CeolB8/telekiller-tool-session-hijacking-and.html)
- [pwnedOrNot v1.1.7 - OSINT Tool To Find Passwords For Compromised Email Addresses](http://feedproxy.google.com/~r/PentestTools/~3/zMsIKFBaGtY/pwnedornot-v117-osint-tool-to-find.html)
- [0D1N v2.6 - Web Security Tool To Make Fuzzing At HTTP/S](http://feedproxy.google.com/~r/PentestTools/~3/ioYkysg8i6k/0d1n-v26-web-security-tool-to-make.html)
- [CredsLeaker v3 - Tool to Display A Powershell Credentials Box](http://feedproxy.google.com/~r/PentestTools/~3/9y08bFtnHNg/credsleaker-v3-tool-to-display.html)
- [GodOfWar - Malicious Java WAR Builder With Built-In Payloads](http://feedproxy.google.com/~r/PentestTools/~3/48DUIB_ttEQ/godofwar-malicious-java-war-builder.html)
- [XSStrike v3.1.4 - Most Advanced XSS Detection Suite](http://feedproxy.google.com/~r/PentestTools/~3/_ChCQ9dGpko/xsstrike-v314-most-advanced-xss.html)
- [Chkdfront - Check Domain Fronting](http://feedproxy.google.com/~r/PentestTools/~3/Ob0V8Rj5l6I/chkdfront-check-domain-fronting.html)
- [QRLJacker v2.0 - QRLJacking Exploitation Framework](http://feedproxy.google.com/~r/PentestTools/~3/juZIlVyrDiM/qrljacker-v20-qrljacking-exploitation.html)
- [Zeebsploit - Web Scanner / Exploitation / Information Gathering](http://feedproxy.google.com/~r/PentestTools/~3/RZKskKnsCFU/zeebsploit-web-scanner-exploitation_10.html)
- [Mysql-Magic - Dump Mysql Client Password From Memory](http://feedproxy.google.com/~r/PentestTools/~3/koY9c2YGnzc/mysql-magic-dump-mysql-client-password.html)
- [mXtract v1.2 - Memory Extractor & Analyzer](http://feedproxy.google.com/~r/PentestTools/~3/afNZNO7w4Xk/mxtract-v12-memory-extractor-analyzer.html)
- [DefectDojo v1.5.4 - Application Vulnerability Correlation And Security Orchestration Application](http://feedproxy.google.com/~r/PentestTools/~3/y_c8QTZckgk/defectdojo-v154-application.html)
- [Free Cynet Threat Assessment for Mid-sized and Large Organizations](http://feedproxy.google.com/~r/PentestTools/~3/nSnlxp2L5PU/free-cynet-threat-assessment-for-mid.html)
- [Beagle - An Incident Response And Digital Forensics Tool Which Transforms Security Logs And Data Into Graphs](http://feedproxy.google.com/~r/PentestTools/~3/cEy42c_u1ck/beagle-incident-response-and-digital.html)
- [ISF - Industrial Control System Exploitation Framework](http://feedproxy.google.com/~r/PentestTools/~3/oT_vl-DqvbE/isf-industrial-control-system.html)
- [Pocsuite3 - An Open-Sourced Remote Vulnerability Testing Framework](http://feedproxy.google.com/~r/PentestTools/~3/x6R6agm_yNE/pocsuite3-open-sourced-remote.html)
- [XanXSS - A Simple XSS Finding Tool](http://feedproxy.google.com/~r/PentestTools/~3/l-J2Alp5HZY/xanxss-simple-xss-finding-tool.html)
- [Pyrit - The Famous WPA Precomputed Cracker](http://feedproxy.google.com/~r/PentestTools/~3/V8MTVWRjf0k/pyrit-famous-wpa-precomputed-cracker.html)
- [Faraday v3.7 - Collaborative Penetration Test and Vulnerability Management Platform](http://feedproxy.google.com/~r/PentestTools/~3/oLcdNOwS8pg/faraday-v37-collaborative-penetration.html)
- [PowerShellArsenal - A PowerShell Module Dedicated To Reverse Engineering](http://feedproxy.google.com/~r/PentestTools/~3/dBmXp-b1EI0/powershellarsenal-powershell-module.html)
- [Darksplitz - Exploit Framework](http://feedproxy.google.com/~r/PentestTools/~3/i5XdO5H76m8/darksplitz-exploit-framework.html)
- [CHAOS Framework v3.0 - Generate Payloads And Control Remote Windows Systems](http://feedproxy.google.com/~r/PentestTools/~3/qSMqQNeFOgU/chaos-framework-v20-generate-payloads.html)
- [CHAOS Framework v2.0 - Generate Payloads And Control Remote Windows Systems](http://feedproxy.google.com/~r/PentestTools/~3/qSMqQNeFOgU/chaos-framework-v20-generate-payloads.html)
- [ISeeYou - Bash And Javascript Tool To Find The Exact Location Of The Users During Social Engineering Or Phishing Engagements](http://feedproxy.google.com/~r/PentestTools/~3/kBe1Xfh9iTc/iseeyou-bash-and-javascript-tool-to.html)
- [Instainsane - Multi-threaded Instagram Brute Forcer](http://feedproxy.google.com/~r/PentestTools/~3/n2J8ihzAvxI/instainsane-multi-threaded-instagram.html)
- [Evillimiter - Limits Bandwidth Of Devices On The Same Network](http://feedproxy.google.com/~r/PentestTools/~3/L71rmvqXuTY/evillimiter-limits-bandwidth-of-devices.html)
- [Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning](http://feedproxy.google.com/~r/PentestTools/~3/DCeXRDXo4J0/osmedeus-fully-automated-offensive.html)
- [Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory](http://feedproxy.google.com/~r/PentestTools/~3/m-Z8svy5Mbg/mimikatz-v220-post-exploitation-tool-to.html)
- [Commando VM - The First of Its Kind Windows Offensive Distribution](http://feedproxy.google.com/~r/PentestTools/~3/7vdMiUOLgeU/commando-vm-first-of-its-kind-windows.html)
- [IDArling - Collaborative Reverse Engineering Plugin For IDA Pro & Hex-Rays](http://feedproxy.google.com/~r/PentestTools/~3/iENP1YvFAOE/idarling-collaborative-reverse.html)
- [Wireshark Cheatsheet](http://feedproxy.google.com/~r/PentestTools/~3/I1DdQx4THpA/wireshark-cheatsheet.html)
- [FFM (Freedom Fighting Mode) - Open Source Hacking Harness](http://feedproxy.google.com/~r/PentestTools/~3/0T8msrFGIbE/ffm-freedom-fighting-mode-open-source.html)
- [Just-Metadata - Tool That Gathers And Analyzes Metadata About IP Addresses](http://feedproxy.google.com/~r/PentestTools/~3/woImI_1gz9Y/just-metadata-tool-that-gathers-and.html)
- [phpMussel - PHP-based Anti-Virus Anti-Trojan Anti-Malware Solution](http://feedproxy.google.com/~r/PentestTools/~3/GyXiM5XXkzc/phpmussel-php-based-anti-virus-anti.html)
- [WinPwn - Automation For Internal Windows Penetrationtest](http://feedproxy.google.com/~r/PentestTools/~3/9lPHNu1cvU8/winpwn-automation-for-internal-windows.html)
- [Reconerator - C# Targeted Attack Reconnaissance Tools](http://feedproxy.google.com/~r/PentestTools/~3/ijyKtK7r7jk/reconerator-c-targeted-attack.html)
- [Mutiny Fuzzing Framework - Network Fuzzer That Operates By Replaying PCAPs Through A Mutational Fuzzer](http://feedproxy.google.com/~r/PentestTools/~3/2MWStTlswIE/mutiny-fuzzing-framework-network-fuzzer.html)
- [Flightsim - A Utility To Generate Malicious Network Traffic And Evaluate Controls](http://feedproxy.google.com/~r/PentestTools/~3/iP4qxku8k_8/flightsim-utility-to-generate-malicious.html)
- [LAPSToolkit - Tool To Audit And Attack LAPS Environments](http://feedproxy.google.com/~r/PentestTools/~3/0JNW5bf6UGc/lapstoolkit-tool-to-audit-and-attack.html)
- [Xori - An Automation-Ready Disassembly And Static Analysis Library For PE32, 32+ And Shellcode](http://feedproxy.google.com/~r/PentestTools/~3/4m8ecBSKkZc/xori-automation-ready-disassembly-and.html)
- [H2T - Scans A Website And Suggests Security Headers To Apply](http://feedproxy.google.com/~r/PentestTools/~3/LaZLa7zlv9k/h2t-scans-website-and-suggests-security.html)
- [Got-Responded - A Simple Tool To Detect NBT-NS And LLMNR Spoofing](http://feedproxy.google.com/~r/PentestTools/~3/JiuGZeJ1OoU/got-responded-simple-tool-to-detect-nbt.html)
- [WPScan v3.4.5 - Black Box WordPress Vulnerability Scanner](http://feedproxy.google.com/~r/PentestTools/~3/36ioKYj1ExE/wpscan-v345-black-box-wordpress.html)
- [Androwarn - Yet Another Static Code Analyzer For Malicious Android Applications](http://feedproxy.google.com/~r/PentestTools/~3/CXJc4Zacvso/androwarn-yet-another-static-code.html)
- [FIR - Fast Incident Response](http://feedproxy.google.com/~r/PentestTools/~3/ppBJPOSeiE4/fir-fast-incident-response.html)
- [Webtech - Identify Technologies Used On Websites](http://feedproxy.google.com/~r/PentestTools/~3/bguM2uPOwiU/webtech-identify-technologies-used-on.html)
- [Lynis 2.7.3 - Security Auditing Tool for Unix/Linux Systems](http://feedproxy.google.com/~r/PentestTools/~3/SfDf5sliFYA/lynis-273-security-auditing-tool-for.html)
- [SMS-Stack - Framework to provided TPC/IP based characteristics to the GSM Short Message Service](http://feedproxy.google.com/~r/PentestTools/~3/9hceL_jtpCY/sms-stack-framework-to-provided-tpcip.html)
- [Xerxes - DoS Tool Enhanced](http://feedproxy.google.com/~r/PentestTools/~3/FKQz_c3NmhA/xerxes-dos-tool-enhanced.html)
- [mXtract - Memory Extractor & Analyzer](http://feedproxy.google.com/~r/PentestTools/~3/klmJCxzlVRA/mxtract-memory-extractor-analyzer.html)
- [RapidRepoPull - Tool To Quickly Pull And Install Repos From A List](http://feedproxy.google.com/~r/PentestTools/~3/eSN79pCheoQ/rapidrepopull-tool-to-quickly-pull-and.html)
- [Goscan - Interactive Network Scanner](http://feedproxy.google.com/~r/PentestTools/~3/QvZdo-L3mC8/goscan-interactive-network-scanner.html)
- [Remot3d v2.0 - Tool Created For Large Pentesters As Well As Just For The Pleasure Of Defacers To Control Server By Backdoors](http://feedproxy.google.com/~r/PentestTools/~3/yLlm2OQbWtE/remot3d-v20-tool-created-for-large.html)
- [Dnsdmpstr - Unofficial API & Client For Dnsdumpster.Com And Hackertarget.Com](http://feedproxy.google.com/~r/PentestTools/~3/cJrHa_dhIkQ/dnsdmpstr-unofficial-api-client-for.html)
- [Freevulnsearch - Free And Open NMAP NSE Script To Query Vulnerabilities Via The cve-search.org API](http://feedproxy.google.com/~r/PentestTools/~3/hRdoLgffwbs/freevulnsearch-free-and-open-nmap-nse.html)
- [Armory - A Tool Meant To Take In A Lot Of External And Discovery Data From A Lot Of Tools, Add It To A Database And Correlate All Of Related Information](http://feedproxy.google.com/~r/PentestTools/~3/Dxhfc9Rx4sk/armory-tool-meant-to-take-in-lot-of.html)
- [DOGE - Darknet Osint Graph Explorer](http://feedproxy.google.com/~r/PentestTools/~3/Ugv1-a3xlrQ/doge-darknet-osint-graph-explorer.html)
- [Mad-Metasploit - Metasploit Custom Modules, Plugins & Resource Scripts](http://feedproxy.google.com/~r/PentestTools/~3/D8ExNN2Y8Rs/mad-metasploit-metasploit-custom.html)
- [Metaforge - An OSINT Metadata Analyzing Tool That Filters Through Tags And Creates Reports](http://feedproxy.google.com/~r/PentestTools/~3/sRAY17Dl5eQ/metaforge-osint-metadata-analyzing-tool.html)
- [Hashboy-Tool - A Hash Query Tool](http://feedproxy.google.com/~r/PentestTools/~3/WF_Ut4LqVas/hashboy-tool-hash-query-tool.html)
- [CarbonCopy - A Tool Which Creates A Spoofed Certificate Of Any Online Website And Signs An Executable For AV Evasion](http://feedproxy.google.com/~r/PentestTools/~3/696PzvX73MM/carboncopy-tool-which-creates-spoofed.html)
- [Karma - Search of Emails and Passwords on Pwndb](http://feedproxy.google.com/~r/PentestTools/~3/Z2_HhIVSkSU/karma-search-of-emails-and-passwords-on.html)
- [Arjun v1.3 - HTTP Parameter Discovery Suite](http://feedproxy.google.com/~r/PentestTools/~3/zWZXsOUSOfk/arjun-v13-http-parameter-discovery-suite.html)
- [SocialFish v2 - Educational Phishing Tool & Information Collector](http://feedproxy.google.com/~r/PentestTools/~3/UIciopFruGI/socialfish-v2-educational-phishing-tool.html)
- [DNS-Shell - An Interactive Shell Over DNS Channel](http://feedproxy.google.com/~r/PentestTools/~3/-RbwR0s6j4w/dns-shell-interactive-shell-over-dns.html)
- [Decker - Declarative Penetration Testing Orchestration Framework](http://feedproxy.google.com/~r/PentestTools/~3/v-JzhQO-i2Q/decker-declarative-penetration-testing.html)
- [PFQ - Functional Network Framework For Multi-Core Architectures](http://feedproxy.google.com/~r/PentestTools/~3/lHrferXOPnc/pfq-functional-network-framework-for.html)
- [Hostintel - A Modular Python Application To Collect Intelligence For Malicious Hosts](http://feedproxy.google.com/~r/PentestTools/~3/MPHA1vA45o0/hostintel-modular-python-application-to.html)
- [IoT-Home-Guard - A Tool For Malicious Behavior Detection In IoT Devices](http://feedproxy.google.com/~r/PentestTools/~3/00rK4kMhDhs/iot-home-guard-tool-for-malicious.html)
- [Acunetix Web Application Vulnerability Report 2019](http://feedproxy.google.com/~r/PentestTools/~3/pkuHKauhESU/acunetix-web-application-vulnerability.html)
- [Kage - Graphical User Interface For Metasploit Meterpreter And Session Handler](http://feedproxy.google.com/~r/PentestTools/~3/tRooyJ9gO2o/kage-graphical-user-interface-for.html)
- [rootOS - macOS Root Helper](http://feedproxy.google.com/~r/PentestTools/~3/DYTj2i_s_Hs/rootos-macos-root-helper.html)
- [Vuls - Vulnerability Scanner For Linux/FreeBSD, Agentless, Written In Go](http://feedproxy.google.com/~r/PentestTools/~3/LeiEkChMh4Y/vuls-vulnerability-scanner-for.html)
- [Reverse Shell Cheat Sheet](http://feedproxy.google.com/~r/PentestTools/~3/Ygxu7rgH7jo/reverse-shell-cheat-sheet.html)
- [AutoRDPwn v4.8 - The Shadow Attack Framework](http://feedproxy.google.com/~r/PentestTools/~3/jFXs4Lm9-_8/autordpwn-v48-shadow-attack-framework.html)
- [Cat-Nip - Automated Basic Pentest Tool (Designed For Kali Linux)](http://feedproxy.google.com/~r/PentestTools/~3/8By2_tKKSAQ/cat-nip-automated-basic-pentest-tool.html)
- [Goca Scanner - FOCA fork written in Go](http://feedproxy.google.com/~r/PentestTools/~3/fyg9c9PUyTc/goca-scanner-foca-fork-written-in-go.html)
- [Chomp Scan - A Scripted Pipeline Of Tools To Streamline The Bug Bounty/Penetration Test Reconnaissance Phase](http://feedproxy.google.com/~r/PentestTools/~3/tYTe2G8JkeM/chomp-scan-scripted-pipeline-of-tools.html)
- [Turbinia - Automation And Scaling Of Digital Forensics Tools](http://feedproxy.google.com/~r/PentestTools/~3/fVMVv8I43F4/turbinia-automation-and-scaling-of.html)
- [Ghidra - Software Reverse Engineering Framework](http://feedproxy.google.com/~r/PentestTools/~3/3UcCac0PJA4/ghidra-software-reverse-engineering.html)
- [Legion - An Easy-To-Use, Super-Extensible And Semi-Automated Network Penetration Testing Tool That Aids In Discovery, Reconnaissance And Exploitation Of Information Systems](http://feedproxy.google.com/~r/PentestTools/~3/jDSvXwEafjY/legion-easy-to-use-super-extensible-and.html)
- [Reload.sh - Reinstall, Restore And Wipe Your System Via SSH, Without Rebooting](http://feedproxy.google.com/~r/PentestTools/~3/FFaKm01Nscg/reloadsh-reinstall-restore-and-wipe.html)
- [UserLAnd - The Easiest Way To Run A Linux Distribution or Application on Android](http://feedproxy.google.com/~r/PentestTools/~3/Z6GCKCBT-sI/userland-easiest-way-to-run-linux.html)
- [Cuteit v0.2.1 - IP Obfuscator Made To Make A Malicious Ip A Bit Cuter](http://feedproxy.google.com/~r/PentestTools/~3/SmoBE9chyxU/cuteit-v021-ip-obfuscator-made-to-make.html)
- [Rpi-Hunter - Automate Discovering And Dropping Payloads On LAN Raspberry Pi's Via SSH](http://feedproxy.google.com/~r/PentestTools/~3/cPYvAMXfbJo/rpi-hunter-automate-discovering-and.html)
- [CMSeeK v1.1.1 - CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 150 Other CMSs)](http://feedproxy.google.com/~r/PentestTools/~3/8EDnhSxC2Hw/cmseek-v111-cms-detection-and.html)
- [Faraday v3.6 - Collaborative Penetration Test and Vulnerability Management Platform](http://feedproxy.google.com/~r/PentestTools/~3/xuC5gpNVqec/faraday-v36-collaborative-penetration.html)
- [Phantom Evasion - Python AV Evasion Tool Capable To Generate FUD Executable Even With The Most Common 32 Bit Metasploit Payload (Exe/Elf/Dmg/Apk)](http://feedproxy.google.com/~r/PentestTools/~3/u2lYO11vEuc/phantom-evasion-python-av-evasion-tool.html)
- [Strelka - Scanning Files At Scale With Python And ZeroMQ](http://feedproxy.google.com/~r/PentestTools/~3/J5e-Il60yXg/strelka-scanning-files-at-scale-with.html)
- [Imago Forensics - Imago Is A Python Tool That Extract Digital Evidences From Images](http://feedproxy.google.com/~r/PentestTools/~3/JzmwiCsLTtY/imago-forensics-imago-is-python-tool.html)
- [VSHG - Hardware resistance & enhanced security for GnuPG](http://feedproxy.google.com/~r/PentestTools/~3/6L_0uMuwloY/vshg-hardware-resistance-enhanced.html)
- [Angr - A Powerful And User-Friendly Binary Analysis Platform](http://feedproxy.google.com/~r/PentestTools/~3/d91K9L2OVN8/angr-powerful-and-user-friendly-binary.html)
- [Ntopng - Web-based Traffic And Security Network Traffic Monitoring](http://feedproxy.google.com/~r/PentestTools/~3/3TSYk971DW0/ntopng-web-based-traffic-and-security.html)
- [HT-WPS Breaker - High Touch WPS Breaker](http://feedproxy.google.com/~r/PentestTools/~3/ELDL0kdTbPo/ht-wps-breaker-high-touch-wps-breaker.html)
- [Ophcrack - A Windows Password Cracker Based On Rainbow Tables](http://feedproxy.google.com/~r/PentestTools/~3/24cbWRaWa8k/ophcrack-windows-password-cracker-based.html)
- [Metasploit Cheat Sheet](http://feedproxy.google.com/~r/PentestTools/~3/o__OH665w5U/metasploit-cheat-sheet.html)
- [SALT - SLUB ALlocator Tracer For The Linux Kernel](http://feedproxy.google.com/~r/PentestTools/~3/841MbWBL0_8/salt-slub-allocator-tracer-for-linux.html)
- [Command Injection Payload List](http://feedproxy.google.com/~r/PentestTools/~3/YXW6UlJA36g/command-injection-payload-list.html)
- [Reko - A General Purpose Binary Decompiler](http://feedproxy.google.com/~r/PentestTools/~3/nwLk-LG8bbo/reko-general-purpose-binary-decompiler.html)
- [Iptables Essentials - Common Firewall Rules And Commands](http://feedproxy.google.com/~r/PentestTools/~3/QxQzNFl9P6o/iptables-essentials-common-firewall.html)
- [HexRaysCodeXplorer - Hex-Rays Decompiler Plugin For Better Code Navigation](http://feedproxy.google.com/~r/PentestTools/~3/nViFOGTghjU/hexrayscodexplorer-hex-rays-decompiler.html)
- [PHP Security Check List](http://feedproxy.google.com/~r/PentestTools/~3/Fz-b3ysARp4/php-security-check-list.html)
- [OSFClone - Open Source Utility To Create And Clone Forensic Disk Images](http://feedproxy.google.com/~r/PentestTools/~3/MtkDht4BEQY/osfclone-open-source-utility-to-create.html)
- [Cheat Engine - A Development Environment Focused On Modding](http://feedproxy.google.com/~r/PentestTools/~3/hmyT4ewgMO8/cheat-engine-development-environment.html)
- [BeEF - The Browser Exploitation Framework Project](http://feedproxy.google.com/~r/PentestTools/~3/W1UXPoIIVbg/beef-browser-exploitation-framework.html)
- [Eraser - Secure Erase Files from Hard Drives on Windows](http://feedproxy.google.com/~r/PentestTools/~3/94Y32zmk1ws/eraser-secure-erase-files-from-hard.html)
- [SecLists - A Collection Of Multiple Types Of Lists Used During Security Assessments, Collected In One Place (Usernames, Passwords, URLs, Sensitive Data Patterns, Fuzzing Payloads, Web Shells, And Many More)](http://feedproxy.google.com/~r/PentestTools/~3/oN0YzDUFStg/seclists-collection-of-multiple-types.html)
- [GameGuardian - Android Game Hack/Alteration Tool](http://feedproxy.google.com/~r/PentestTools/~3/6ReYL4igg7Q/gameguardian-android-game.html)
- [OSINT-SPY - Search using OSINT (Open Source Intelligence)](http://feedproxy.google.com/~r/PentestTools/~3/-x63Tn8Ij2w/osint-spy-search-using-osint-open.html)
- [Maltego CE - An Interactive Data Mining Tool That Renders Directed Graphs For Link Analysis](http://feedproxy.google.com/~r/PentestTools/~3/up3tM_gz8JE/maltego-ce-interactive-data-mining-tool.html)
- [BoNeSi - The DDoS Botnet Simulator](http://feedproxy.google.com/~r/PentestTools/~3/C0CY4Q1tSyk/bonesi-ddos-botnet-simulator.html)
- [HoneyPy - A Low To Medium Interaction Honeypot](http://feedproxy.google.com/~r/PentestTools/~3/Tb-oc6uz-nw/honeypy-low-to-medium-interaction.html)
- [Egress-Assess - Tool Used To Test Egress Data Detection Capabilities](http://feedproxy.google.com/~r/PentestTools/~3/rKdOLuFB10w/egress-assess-tool-used-to-test-egress.html)
- [Fibratus - Tool For Exploration And Tracing Of The Windows Kernel](http://feedproxy.google.com/~r/PentestTools/~3/_sRsUUcl2vU/fibratus-tool-for-exploration-and.html)
- [TROMMEL - Sift Through Embedded Device Files To Identify Potential Vulnerable Indicators](http://feedproxy.google.com/~r/PentestTools/~3/UW_LBgpwYX4/trommel-sift-through-embedded-device.html)
- [DCOMrade - Powershell Script For Enumerating Vulnerable DCOM Applications](http://feedproxy.google.com/~r/PentestTools/~3/xaHJPu0lHk0/dcomrade-powershell-script-for.html)
- [Ponce - IDA Plugin For Symbolic Execution Just One-Click Away!](http://feedproxy.google.com/~r/PentestTools/~3/rD4UX2khHlQ/ponce-ida-plugin-for-symbolic-execution.html)
- [Kaboom - Automatic Pentest](http://feedproxy.google.com/~r/PentestTools/~3/dpBcPFYIccU/kaboom-automatic-pentest.html)
- [SSRFmap - Automatic SSRF Fuzzer And Exploitation Tool](http://feedproxy.google.com/~r/PentestTools/~3/sNJOEPAhpEU/ssrfmap-automatic-ssrf-fuzzer-and.html)
- [Pompem - Exploit and Vulnerability Finder](http://feedproxy.google.com/~r/PentestTools/~3/_sGYDk1y8f4/pompem-exploit-and-vulnerability-finder.html)
- [Lazygit - Simple Terminal UI For Git Commands](http://feedproxy.google.com/~r/PentestTools/~3/rs7BxUhTWmY/lazygit-simple-terminal-ui-for-git.html)
- [Up (Ultimate Plumber) - Tool For Writing Linux Pipes With Instant Live Preview](http://feedproxy.google.com/~r/PentestTools/~3/lQ3o3CxxgNU/up-ultimate-plumber-tool-for-writing.html)
- [CDF - Crypto Differential Fuzzing](http://feedproxy.google.com/~r/PentestTools/~3/QWrOPl4RtZg/cdf-crypto-differential-fuzzing.html)
- [Justniffer - Network TCP Packet Sniffer](http://feedproxy.google.com/~r/PentestTools/~3/ZeOTT8XrMaE/justniffer-network-tcp-packet-sniffer.html)
- [UEFI Firmware Parser - Parse BIOS/Intel ME/UEFI Firmware Related Structures: Volumes, FileSystems, Files, Etc](http://feedproxy.google.com/~r/PentestTools/~3/vrw7ce1SeJ0/uefi-firmware-parser-parse-biosintel.html)
- [PF_RING - High-Speed Packet Capture, Filtering And Analysis](http://feedproxy.google.com/~r/PentestTools/~3/JHNjKGg4NWI/pfring-high-speed-packet-capture.html)
- [Pftriage - Python Tool And Library To Help Analyze Files During Malware Triage And Analysis](http://feedproxy.google.com/~r/PentestTools/~3/ZjjYohz9GbE/pftriage-python-tool-and-library-to.html)
- [nDPI - Open Source Deep Packet Inspection Software Toolkit](http://feedproxy.google.com/~r/PentestTools/~3/Ehj6aq0lpFg/ndpi-open-source-deep-packet-inspection.html)
- [Hontel - Telnet Honeypot](http://feedproxy.google.com/~r/PentestTools/~3/7Qv62zGn_mo/hontel-telnet-honeypot.html)
- [Volatility Workbench - A GUI For Volatility Memory Forensics](http://feedproxy.google.com/~r/PentestTools/~3/OzWarBRi5YU/volatility-workbench-gui-for-volatility.html)
- [HTTrack Website Copier - Web Crawler And Offline Browser](http://feedproxy.google.com/~r/PentestTools/~3/-iUl75kJzG4/httrack-website-copier-web-crawler-and.html)
- [OSFMount - Mount Disk Images & Create RAM Drives](http://feedproxy.google.com/~r/PentestTools/~3/b1UlY7C2tko/osfmount-mount-disk-images-create-ram.html)
- [Process Hacker - A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware](http://feedproxy.google.com/~r/PentestTools/~3/nL_bfHHeQgA/process-hacker-free-powerful-multi.html)
- [CANalyzat0r - Security Analysis Toolkit For Proprietary Car Protocols](http://feedproxy.google.com/~r/PentestTools/~3/KPeA8qxDNEk/canalyzat0r-security-analysis-toolkit.html)
- [DFIRTrack - The Incident Response Tracking Application](http://feedproxy.google.com/~r/PentestTools/~3/vHFBZOQWsMA/dfirtrack-incident-response-tracking.html)
- [Goscan - Interactive Network Scanner](http://feedproxy.google.com/~r/PentestTools/~3/uz1Ra9_76sE/goscan-interactive-network-scanner.html)
- [RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations](http://feedproxy.google.com/~r/PentestTools/~3/v3TIGlliuHU/redelk-easy-deployable-tool-for-red.html)
- [Fnord - Pattern Extractor For Obfuscated Code](http://feedproxy.google.com/~r/PentestTools/~3/kM2-_TEV7fY/fnord-pattern-extractor-for-obfuscated.html)
- [Bincat - Binary Code Static Analyser, With IDA Integration](http://feedproxy.google.com/~r/PentestTools/~3/M4xJHHI1nlw/bincat-binary-code-static-analyser-with.html)
- [Bscan - An Asynchronous Target Enumeration Tool](http://feedproxy.google.com/~r/PentestTools/~3/nmAEkhGVeYk/bscan-asynchronous-target-enumeration.html)
- [Modlishka - An Open Source Phishing Tool With 2FA Authentication](http://feedproxy.google.com/~r/PentestTools/~3/Z2CV9SS3UmA/modlishka-open-source-phishing-tool.html)
- [Fwknop - Single Packet Authorization & Port Knocking](http://feedproxy.google.com/~r/PentestTools/~3/Ty69-sAkBMw/fwknop-single-packet-authorization-port.html)
- [Netsniff-Ng - A Swiss Army Knife For Your Daily Linux Network Plumbing](http://feedproxy.google.com/~r/PentestTools/~3/i86oZPByzMQ/netsniff-ng-swiss-army-knife-for-your.html)
- [Electronegativity - Tool To Identify Misconfigurations And Security Anti-Patterns In Electron Applications](http://feedproxy.google.com/~r/PentestTools/~3/zp7KJ0Mg0-A/electronegativity-tool-to-identify.html)
- [LOLBAS - Living Off The Land Binaries And Scripts (LOLBins And LOLScripts)](http://feedproxy.google.com/~r/PentestTools/~3/jRBNy3dl0p4/lolbas-living-off-land-binaries-and.html)
- [XIP - Tool To Generate A List Of IP Addresses By Applying A Set Of Transformations Used To Bypass Security Measures E.G. Blacklist Filtering, WAF, Etc.](http://feedproxy.google.com/~r/PentestTools/~3/7I5CFPFXxWo/xip-tool-to-generate-list-of-ip.html)
- [Stenographer - A Packet Capture Solution Which Aims To Quickly Spool All Packets To Disk, Then Provide Simple, Fast Access To Subsets Of Those Packets](http://feedproxy.google.com/~r/PentestTools/~3/jbklI8CeJpA/stenographer-packet-capture-solution.html)
- [Fierce - Semi-Lightweight Scanner That Helps Locate Non-Contiguous IP Space And Hostnames Against Specified Domains](http://feedproxy.google.com/~r/PentestTools/~3/X8Fc7tY8OFI/fierce-semi-lightweight-scanner-that.html)
- [Bolt - CSRF Scanning Suite](http://feedproxy.google.com/~r/PentestTools/~3/vu2sbgER-jY/bolt-csrf-scanning-suite.html)
- [Pwndb - Search For Creadentials Leaked On Pwndb](http://feedproxy.google.com/~r/PentestTools/~3/StIgYaSXjQ8/pwndb-search-for-creadentials-leaked-on.html)
- [Pown Recon - A Powerful Target Reconnaissance Framework Powered By Graph Theory](http://feedproxy.google.com/~r/PentestTools/~3/P1jfEtHTWpY/pown-recon-powerful-target.html)
- [Uncle Spufus - A Tool That Automates Mac Address Spoofing](http://feedproxy.google.com/~r/PentestTools/~3/MtP954n5vhQ/uncle-spufus-tool-that-automates-mac.html)
- [CIRTKit - Tools For The Computer Incident Response Team](http://feedproxy.google.com/~r/PentestTools/~3/w0zubUkg6ms/cirtkit-tools-for-computer-incident.html)
- [ADAPT - Tool That Performs Automated Penetration Testing For WebApps](http://feedproxy.google.com/~r/PentestTools/~3/c3ObjGg1ce8/adapt-tool-that-performs-automated.html)
- [Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool](http://feedproxy.google.com/~r/PentestTools/~3/JoL8_BBnrhQ/scanner-cli-project-securityvulnerabili.html)
- [Sn0Int - Semi-automatic OSINT Framework And Package Manager](http://feedproxy.google.com/~r/PentestTools/~3/K08LwvEQi2o/sn0int-semi-automatic-osint-framework.html)
- [FTW - Framework For Testing WAFs](http://feedproxy.google.com/~r/PentestTools/~3/vosO_nniiiI/ftw-framework-for-testing-wafs.html)
- [identYwaf - Blind WAF Identification Tool](http://feedproxy.google.com/~r/PentestTools/~3/UgxDsRiPrIY/identywaf-blind-waf-identification-tool.html)
- [Sh00T - A Testing Environment for Manual Security Testers](http://feedproxy.google.com/~r/PentestTools/~3/9c76MO4aIn0/sh00t-testing-environment-for-manual.html)
- [WiGLE - Wifi Wardriving (Nethugging Client For Android)](http://feedproxy.google.com/~r/PentestTools/~3/gDQEZOV06DY/wigle-wifi-wardriving-nethugging-client.html)
- [LeakLooker - Find Open Databases With Shodan](http://feedproxy.google.com/~r/PentestTools/~3/IenFsQWmHbY/leaklooker-find-open-databases-with.html)
- [SecureTea Project - The Purpose Of This Application Is To Warn The User (Via Various Communication Mechanisms) Whenever Their Laptop Accessed](http://feedproxy.google.com/~r/PentestTools/~3/BUlZL0iZhGQ/securetea-project-purpose-of-this.html)
- [ProcDump - A Linux Version Of The ProcDump Sysinternals Tool](http://feedproxy.google.com/~r/PentestTools/~3/tkcqiIG2iUQ/procdump-linux-version-of-procdump.html)
- [Parrot Security 4.5 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind](http://feedproxy.google.com/~r/PentestTools/~3/xXnhQTKJewU/parrot-security-45-security-gnulinux.html)
- [Jok3R - Network And Web Pentest Framework](http://feedproxy.google.com/~r/PentestTools/~3/dhiTfm3fEdk/jok3r-network-and-web-pentest-framework.html)
- [Beebug - A Tool For Checking Exploitability](http://feedproxy.google.com/~r/PentestTools/~3/lAJoFUTmlNs/beebug-tool-for-checking-exploitability.html)
- [Conpot - An Open Industrial Control Honeypot](http://feedproxy.google.com/~r/PentestTools/~3/Khos5GRsxrw/conpot-open-industrial-control-honeypot.html)
- [WPintel - Chrome Extension Designed For WordPress Vulnerability Scanning And Information Gathering](http://feedproxy.google.com/~r/PentestTools/~3/NYfoNh5N9zM/wpintel-chrome-extension-designed-for.html)
- [Malice - VirusTotal Wanna Be (Now With 100% More Hipster)](http://feedproxy.google.com/~r/PentestTools/~3/MYaRxSE3IIE/malice-virustotal-wanna-be-now-with-100.html)
- [Htcap - A Web Application Scanner Able To Crawl Single Page Application (SPA) In A Recursive Manner By Intercepting Ajax Calls And DOM Changes](http://feedproxy.google.com/~r/PentestTools/~3/aJgXuqnKFus/htcap-web-application-scanner-able-to.html)
- [Remot3d - An Simple Exploit for PHP Language](http://feedproxy.google.com/~r/PentestTools/~3/MfRDXGlJowM/remot3d-simple-exploit-for-php-language.html)
- [Tyton - Linux Kernel-Mode Rootkit Hunter for 4.4.0-31+](http://feedproxy.google.com/~r/PentestTools/~3/-SpNjyLloZM/tyton-linux-kernel-mode-rootkit-hunter.html)
- [Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io](http://feedproxy.google.com/~r/PentestTools/~3/xeXSGXnN_xA/crashcast-exploit-this-tool-allows-you.html)
- [Tool-X - A Kali Linux Hacking Tool Installer](http://feedproxy.google.com/~r/PentestTools/~3/JqzGZm7j4JQ/tool-x-kali-linux-hacking-tool-installer.html)
- [SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool](http://feedproxy.google.com/~r/PentestTools/~3/RNZTk3qTooc/sqlmap-v13-automatic-sql-injection-and.html)
- [Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information](http://feedproxy.google.com/~r/PentestTools/~3/PdXu9zuRDIg/stretcher-tool-designed-to-help.html)
- [Aztarna - A Footprinting Tool For Robots](http://feedproxy.google.com/~r/PentestTools/~3/Q9CYfShlqRA/aztarna-footprinting-tool-for-robots.html)
- [Hediye - Hash Generator & Cracker Online Offline](http://feedproxy.google.com/~r/PentestTools/~3/p0oO5qBUFoI/hediye-hash-generator-cracker-online.html)
- [Killcast - Manipulate Chromecast Devices In Your Network](http://feedproxy.google.com/~r/PentestTools/~3/rMCHdNb3sTI/killcast-manipulate-chromecast-devices.html)
- [bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records](http://feedproxy.google.com/~r/PentestTools/~3/4GvtphGIZmM/bypass-firewalls-by-dns-history.html)
- [WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack](http://feedproxy.google.com/~r/PentestTools/~3/HogR4BTI3tM/wifi-pumpkin-v087-framework-for-rogue.html)
- [H8Mail - Email OSINT And Password Breach Hunting](http://feedproxy.google.com/~r/PentestTools/~3/u6x3-7n6oMI/h8mail-email-osint-and-password-breach.html)
- [Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters](http://feedproxy.google.com/~r/PentestTools/~3/Dr1bT8peAAc/kube-hunter-hunt-for-security.html)
- [Metasploit 5.0 - The Worlds Most Used Penetration Testing Framework](http://feedproxy.google.com/~r/PentestTools/~3/WdwaF60VaxA/metasploit-50-worlds-most-used.html)
- [Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support](http://feedproxy.google.com/~r/PentestTools/~3/WogS-qr4dno/interlace-easily-turn-single-threaded.html)
- [Twifo-Cli - Get User Information Of A Twitter User](http://feedproxy.google.com/~r/PentestTools/~3/Sbc3gunRkBE/twifo-cli-get-user-information-of.html)
- [Sitadel - Web Application Security Scanner](http://feedproxy.google.com/~r/PentestTools/~3/zfPWuXefLsw/sitadel-web-application-security-scanner.html)
- [Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)](http://feedproxy.google.com/~r/PentestTools/~3/MV1mlXFmkpg/pe-sieve-recognizes-and-dumps-variety.html)
- [Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To](http://feedproxy.google.com/~r/PentestTools/~3/sZXmRx1pB7E/malboxes-builds-malware-analysis.html)
- [Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies](http://feedproxy.google.com/~r/PentestTools/~3/elMWRHLI054/snyk-cli-and-build-time-tool-to-find.html)
- [Shed - .NET Runtime Inspector](http://feedproxy.google.com/~r/PentestTools/~3/byWGTLrRRMA/shed-net-runtime-inspector.html)
- [Stardox - Github Stargazers Information Gathering Tool](http://feedproxy.google.com/~r/PentestTools/~3/kAWqztoZ97E/stardox-github-stargazers-information.html)
- [Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool](http://feedproxy.google.com/~r/PentestTools/~3/mjOk7rQhp2Y/commix-v27-automated-all-in-one-os.html)
- [AutoSploit v3.0 - Automated Mass Exploiter](http://feedproxy.google.com/~r/PentestTools/~3/nDoUfG2uHQg/autosploit-v30-automated-mass-exploiter.html)
- [Faraday v3.5 - Collaborative Penetration Test and Vulnerability Management Platform](http://feedproxy.google.com/~r/PentestTools/~3/Fq1vFkcIIFI/faraday-v35-collaborative-penetration.html)
- [Recaf - A Modern Java Bytecode Editor](http://feedproxy.google.com/~r/PentestTools/~3/mAzq3GzpHIg/recaf-modern-java-bytecode-editor.html)
- [dnSpy - .NET Debugger And Assembly Editor](http://feedproxy.google.com/~r/PentestTools/~3/JZaPW594CQE/dnspy-net-debugger-and-assembly-editor.html)