Tools List

Wireshark
Network Analysis
Protocol analyzer for capturing and inspecting network traffic.
Start Now
tcpdump
Network Analysis
Command-line packet capture and analysis tool.
Start Now
Tshark
Network Analysis
Terminal version of Wireshark for packet analysis.
Start Now
Zeek
Network Monitoring
Network security monitoring and traffic analysis framework.
Start Now
Suricata
Intrusion Detection/Prevention
IDS/IPS engine with high-performance packet processing.
Start Now
Snort
Intrusion Detection System
Open-source network IDS/IPS for detecting attacks.
Start Now
ntopng
Network Monitoring
Real-time network traffic monitoring and flow analysis.
Start Now
NetFlow Analyzer
Network Monitoring
Flow-based traffic monitoring and bandwidth analytics.
Start Now
MTR
Network Troubleshooting
Combines traceroute and ping for network diagnostics.
Start Now
hping3
Network Testing
Packet generator and analyzer for testing networks and firewalls.
Start Now
Nmap
Vulnerability Scanner
Network discovery and security auditing tool.
Start Now
Masscan
Port Scanner
Very fast TCP port scanner for large address spaces.
Start Now
Zmap
Port Scanner
Internet-wide network scanner for research and surveys.
Start Now
OpenVAS
Vulnerability Scanner
Open-source vulnerability scanning suite (Greenbone).
Start Now
Nessus
Vulnerability Scanner
Comprehensive vulnerability assessment platform.
Start Now
Qualys VMDR
Vulnerability Management
Cloud-based vulnerability and risk management platform.
Start Now
Nikto
Web Security Testing
Web server scanner for dangerous files and misconfigurations.
Start Now
OWASP ZAP
Web Security Testing
Intercepting proxy and scanner for web apps.
Start Now
Burp Suite
Web Security Testing
Integrated platform for web application security testing.
Start Now
WhatWeb
Reconnaissance
Website fingerprinting tool to identify technologies.
Start Now
Metasploit Framework
Penetration Testing
Exploit development and execution framework.
Start Now
Cobalt Strike
Red Team
Adversary simulation and post-exploitation platform.
Start Now
Sliver
Red Team
Open-source adversary emulation platform and C2.
Start Now
Empire
Post-Exploitation
PowerShell and Python post-exploitation framework.
Start Now
Responder
Credential Harvesting
LLMNR/NBT-NS/mDNS poisoner for credential capture.
Start Now
Impacket
Lateral Movement
Python tools for working with network protocols (SMB/RPC/LDAP).
Start Now
CrackMapExec
Lateral Movement
Swiss army knife for pentesting Windows/Active Directory environments.
Start Now
Mimikatz
Credential Dumping
Tool for interacting with Windows security and dumping credentials.
Start Now
BloodHound
Active Directory
Graph-based analysis of AD relationships for attack paths.
Start Now
Kerbrute
Active Directory
Kerberos bruteforcer and enumerator for AD.
Start Now
theHarvester
OSINT
E-mail, subdomain, and name harvester from public sources.
Start Now
Maltego
OSINT
Link analysis and data mining for investigations.
Start Now
SpiderFoot
OSINT
Automated OSINT collection and analysis platform.
Start Now
Shodan
OSINT/IoT
Search engine for Internet-connected devices and services.
Start Now
Amass
Reconnaissance
DNS enumeration and attack surface mapping.
Start Now
Sublist3r
Reconnaissance
Fast subdomain enumeration tool.
Start Now
Hashcat
Password Cracking
GPU-accelerated password recovery tool.
Start Now
John the Ripper
Password Cracking
Fast password cracker supporting many hash types.
Start Now
Hydra
Password Attacks
Network logon cracker supporting many services.
Start Now
CeWL
Wordlist Generation
Custom wordlist generator using web content.
Start Now
Crunch
Wordlist Generation
Wordlist generator for custom password lists.
Start Now
ScoutSuite
Cloud Security
Multi-cloud security auditing tool.
Start Now
Prowler
Cloud Security
AWS/Azure/GCP security best practices assessment.
Start Now
Trivy
Container Security
Vulnerability scanner for containers, SBOMs and IaC.
Start Now
Falco
Runtime Security
Cloud-native runtime security for containers and hosts.
Start Now
kube-bench
Kubernetes Security
Checks Kubernetes clusters against CIS benchmarks.
Start Now
kube-hunter
Kubernetes Security
Hunts for security issues in Kubernetes clusters.
Start Now
Volatility
Memory Forensics
Advanced memory forensics framework.
Start Now
Autopsy
Digital Forensics
GUI for The Sleuth Kit to analyze disks and smartphones.
Start Now
The Sleuth Kit
Digital Forensics
Collection of command-line forensic tools.
Start Now
Velociraptor
Incident Response
Endpoint monitoring, DFIR, and artifact collection.
Start Now
GRR Rapid Response
Incident Response
Remote live forensics and incident response framework.
Start Now
Kape
Incident Response
Rapid triage and collection for Windows artifacts.
Start Now
Sysinternals Suite
Windows Tools
Utilities for Windows troubleshooting and forensics.
Start Now
OSQuery
Endpoint Visibility
SQL-powered endpoint telemetry and visibility.
Start Now
Wazuh
SIEM/EDR
Security monitoring, SIEM, and XDR platform.
Start Now
Elastic Security
SIEM
SIEM and endpoint security on the Elastic Stack.
Start Now
CrowdStrike Falcon
EDR
Cloud-delivered endpoint detection and response platform.
Start Now
sqlmap
Web Security Testing
Automated SQL injection and database takeover tool.
Start Now
wpscan
Web Security Testing
WordPress vulnerability scanner.
Start Now
ffuf
Web Fuzzing
Fast web fuzzer for content discovery.
Start Now
Feroxbuster
Web Fuzzing
Recursive content discovery for web apps.
Start Now
Dirb
Web Fuzzing
URL and content brute forcing for web servers.
Start Now
Gophish
Phishing Simulation
Open-source phishing framework for training and testing.
Start Now
King Phisher
Phishing Simulation
Phishing campaign toolkit for security assessments.
Start Now
Aircrack-ng
Wireless Security
Suite for Wi‑Fi monitoring and WEP/WPA key cracking.
Start Now
Kismet
Wireless Monitoring
Wireless network detector, sniffer, and IDS.
Start Now
MobSF
Mobile Security
Mobile application (Android/iOS) security testing framework.
Start Now
GnuPG
Cryptography
OpenPGP encryption and signing toolkit.
Start Now
HashiCorp Vault
Secrets Management
Secure storage, encryption, and access to secrets.
Start Now
Grafana
Monitoring
Observability dashboards and visualization platform.
Start Now
Prometheus
Monitoring
Time‑series monitoring and alerting toolkit.
Start Now
Nmap Scripting Engine
Scripting
Lua scripts that extend Nmap for vuln detection and discovery.
Start Now
SharpHound
Active Directory
Data collector for BloodHound to map AD relationships.
Start Now
Rita
Network Analysis
Detects beaconing behavior in Zeek logs.
Start Now
YARA
Malware Analysis
Pattern matching to identify and classify malware.
Start Now
ClamAV
Antivirus
Open-source antivirus engine for detecting malware.
Start Now
Bitdefender Antivirus
Antivirus
Commercial antivirus offering malware protection.
Start Now
← Back to Home