©2019 by Karen Miller

  • White Instagram Icon

Pen Testing Tools

*Included in Kali Linux

Burp Suite*

Suite of security tools for web application testing

Crowbar*

Brute force tool that utilizes keys

Hydra*

Password cracking tool

MSFvenom*

Payload generating/encoding tool

Patator*

Advanced brute force tool

Shodan

IoT search engine

Veil-Evasion

Payload generator tool used for evading anti-virus

Cain & Abel

Password recovery tool

DirBuster*

Brute force tool used to enumerate directories/files on a server

John the Ripper*

Versatile password cracking tool

Netcat*

Networking tool used to read/write data over a connection

Pypcap

Python wrapper for libpcap

SQLmap*

Tool used for SQL injection detection and exploitation

WPscan*

Make this yours. Add images, text and links, or connect data from your collection.

Cobalt Strike

Threat emulation software

Empire

Windows post-exploitation framework

Kali Linux

Linux distribution for penetration testing, digital forensics, and other security objectives

Nikto*

Web server vulnerability scanner

Scapy

Packet manipulation tool

theHarvester*

Tool used to enumerate PII such as email addresses of employees at a particular organization

Wireshark*

WordPress vulnerability scanner

Commix*

Command injection exploiter tool for web applications

Exploit-DB

Database of exploits and other security resources

Metasploit*

Platform used to identify and exploit vulnerabilities on a target

Nmap*

Network scanner for host/port/service enumeration

Searchsploit*

CLI tool used to search Exploit-DB

Unicornscan*

Powerful port scanner

ZAP*

Web application vulnerability scanner and security testing tool