Scribd
Upload
58 views3 pages

A Wide Collection of Ethical Hacking Tools

Insight on web vulnerability

Uploaded by

rejoicee832
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
58 views3 pages

A Wide Collection of Ethical Hacking Tools

Insight on web vulnerability

Uploaded by

rejoicee832
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Ethical hacking Tools by category

🕵️‍♂️ Information Gathering


Information Gathering tools allows you to collect host metadata about services and users.
Check informations about a domain, IP address, phone number or an email address.

● theHarvester
E-mails, subdomains and names Harvester.

● CTFR
Abusing Certificate Transparency logs for getting HTTPS websites subdomains

● Sn1per
Automated Pentest Recon Scanner.

● RED Hawk
All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have
tool for all penetration testers.

● Infoga
Email Information Gathering.

● Knockmail
Check if email address exists.

● a2sv
Auto Scanning to SSL Vulnerability.

● Nmap
A very common tool. Network host, vuln and port detector.

● Phoneinfoga
An OSINT framework for phone numbers.

● Wfuzz
Web application fuzzer.

🔒 Password Attacks
Crack passwords and create wordlists
● John the Ripper
John the Ripper is a fast password cracker.

● hashcat
World's fastest and most advanced password recovery utility.

● Hydra
Parallelized login cracker which supports numerous protocols to attack.

● ophcrack
Windows password cracker based on rainbow tables.

● Ncrack
High-speed network authentication cracking tool.

● WGen
Create awesome wordlists with Python.

● SSH Auditor
The best way to scan for weak ssh passwords on your network

📝 Wordlists
● Probable Wordlist
Wordlists sorted by probability originally created for password generation and testing

🌐 Wireless Testing
● Aircrack
WiFi security auditing tools suite

● bettercap
bettercap is the Swiss army knife for network attacks and monitoring.

● WiFi Pumpkin
Framework for Rogue Wi-Fi Access Point Attack.

● Airgeddon.
This is a multi-use bash script for Linux systems to audit wireless networks.

● Airbash
A POSIX-compliant, fully automated WPA PSK handshake capture script aimed at
penetration testing.

🔧 Exploitation Tools
Acesss systems and data with service-oriented exploits.

● SQLmap
Automatic SQL injection and database takeover tool.

● XSStrike
Advanced XSS detection and exploitation suite.
● Commix
Automated All-in-One OS command injection and exploitation tool.

● Nuclei
Fast and customisable vulnerability scanner based on simple YAML based DSL.

👥 Sniffing & Spoofing


Listen to network traffic or fake a network entity.

● Wireshark
Wireshark is a network protocol analyzer.

● WiFi Pumpkin
Framework for Rogue Wi-Fi Access Point Attack.

● Zarp
A free network attack framework

🚀 Web Hacking
Exploit popular CMSs that are hosted online.

● WPScan
WPScan is a black box WordPress vulnerability scanner.

● Droopescan
A plugin-based scanner to identify issues with several CMSs, mainly Drupal & Silverstripe
● Joomscan
Joomla Vulnerability Scanner.

● Drupwn
Drupal Security Scanner to perform enumerations on Drupal-based web applications

● CMSeek
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 130 other
CMSs.

🔥
" " React for part 2
Hope you enjoyed the post if yes then make sure to share our channel.

Regards:-) 🇳🇵

You might also like