Let's document: pen-testing tools

A tracking issue for penetration testing [tools](https://www.kali.org/tools/all-tools/).

# Information Gathering:

- [ ] ace-voip
- [ ] amap → #9201
- [ ] APT2
- [x] arp-scan → #1699 
- [ ] asnmap → #16475 
- [ ] Automater
- [ ] bing-ip2hosts
- [x] braa → #9041
- [ ] CaseFile
- [ ] cdncheck
- [ ] CDPSnarf
- [ ] cisco-torch
- [ ] cloudlist
- [ ] copy-router-config
- [ ] DMitry
- [ ] dnmap
- [ ] dnsenum → #9195
- [x] dnsmap → #8706 
- [ ] DNSRecon
- [x] dnstracer → #8707
- [ ] dnswalk
- [x] dnsx → #12618 
- [ ] DotDotPwn
- [ ] enum4linux
- [ ] enumIAX
- [ ] EyeWitness
- [ ] Faraday
- [ ] Fierce
- [ ] Firewalk
- [ ] fragroute
- [ ] fragrouter
- [ ] Ghost Phisher
- [ ] GoLismero
- [ ] goofile
- [ ] gophish
- [x] hping3 → #7147 
- [x] httpx → #12279 
- [ ] ident-user-enum
- [ ] ike-scan
- [ ] InSpy
- [ ] InTrace
- [ ] iSMTP
- [ ] king phisher
- [ ] lbd
- [ ] Maltego Teeth
- [x] masscan → #6986
- [ ] Metagoofil
- [ ] Miranda
- [x] naabu → #12206 
- [ ] nbtscan-unixwiz
- [ ] netdiscover
- [X] Nikto → #1793
- [x] Nmap #66 
- [ ] ntop
- [ ] OSRFramework
- [ ] p0f
- [ ] Parsero
- [x] Recon-ng → #16121
- [ ] SET
- [ ] shuffledns
- [x] SMBMap → #7053
- [ ] smtp-user-enum
- [ ] snmp-check
- [ ] SPARTA
- [ ] sslcaudit
- [ ] SSLsplit
- [ ] sslstrip
- [ ] SSLyze
- [x] subfinder → #2178
- [x] Sublist3r → #4912
- [ ] THC-IPV6
- [x] theHarvester → #4912
- [ ] TLSSLed
- [ ] twofi
- [ ] Unicornscan
- [ ] URLCrazy
- [x] tcpdump → #138 
- [x] tshark (wireshark) → #2758
- [ ] WOL-E
- [ ] Xplico
- [ ] ~~zenmap~~ GUI (Nmap) → #66
- [x] zmap → #16056 

# Vulnerability Analysis:

- [ ] BBQSQL
- [ ] BED
- [ ] beef-xss
- [ ] cisco-auditing-tool
- [ ] cisco-global-exploiter
- [ ] cisco-ocs
- [ ] cisco-torch
- [ ] copy-router-config
- [ ] Doona
- [ ] DotDotPwn
- [ ] HexorBase
- [ ] ~~jSQL Injection~~ GUI
- [x] Lynis → #3034
- [ ] mdb-sql
- [ ] msfpc
- [x] msfconsole → #13285
- [ ] ~~nessus~~ GUI
- [x] Nmap → #66 
- [x] nuclei → #12252 
- [ ] ohrwurm
- [ ] openvas
- [ ] Oscanner
- [ ] Powerfuzzer
- [ ] sfuzz
- [ ] setoolkit
- [x] searchsploit → #6826
- [ ] SidGuesser
- [ ] SIPArmyKnife
- [ ] sqlitebrowser
- [x] sqlmap → #2412 
- [ ] Sqlninja
- [ ] sqlsus
- [ ] THC-IPV6
- [ ] tnscmd10g
- [ ] unix-privesc-check
- [ ] vuls
- [ ] Yersinia

# Wireless Attacks

- [ ] Airbase-ng
- [x] Aircrack-ng → #9913
- [x] Airdecap-ng → #9974
- [ ] Airdecloak-ng
- [x] Aireplay-ng → #9333
- [ ] airgeddon
- [ ] airgraph-ng
- [x] Airmon-ng → #4974
- [x] Airodump-ng → #9114 
- [ ] airodump-ng-oui-update
- [ ] Airolib-ng
- [ ] Airserv-ng
- [ ] Airtun-ng
- [ ] Asleap
- [ ] Besside-ng
- [ ] Bluelog
- [ ] BlueMaho
- [ ] Bluepot
- [ ] BlueRanger
- [ ] Bluesnarfer
- [x] Bully → #9561
- [ ] chirpw
- [ ] coWPAtty
- [x] crackle → #13425
- [ ] cutycapt
- [ ] eapmd5pass
- [ ] Easside-ng
- [ ] Fern Wifi Cracker
- [ ] FreeRADIUS-WPE
- [ ] Ghost Phisher
- [ ] GISKismet
- [ ] Gqrx
- [ ] gr-scan
- [ ] hostapd-wpe
- [ ] ivstools
- [ ] kalibrate-rtl
- [ ] keepnote
- [ ] KillerBee
- [x] Kismet  → #10606
- [ ] makeivs-ng
- [ ] mdk3
- [x] mdk4 → #16688 
- [ ] mfcuk
- [ ] mfoc
- [ ] mfterm
- [ ] Multimon-NG
- [ ] Packetforge-ng
- [ ] phishx
- [ ] PixieWPS
- [x] Pyrit → #9230
- [ ] Reaver
- [ ] redfang
- [ ] recordmydesktop
- [ ] RTLSDR Scanner
- [ ] Spooftooph
- [ ] Tkiptun-ng
- [ ] Wesside-ng
- [ ] Wifi Honey
- [ ] wifiphisher
- [ ] wifi pumpkin
- [ ] Wifitap
- [ ] Wifite
- [ ] wpaclean

# Web Applications

- [ ] apache-users
- [ ] Arachni
- [ ] BBQSQL
- [ ] BlindElephant
- [x] Burp Suite → #9104
- [ ] CutyCapt
- [ ] DAVTest
- [ ] deblaze
- [x] DIRB → #6960 
- [ ] DirBuster
- [X] ffuf → #6183 
- [ ] fimap
- [ ] FunkLoad
- [x] Gobuster → #5188
- [ ] Grabber
- [ ] hURL
- [ ] httrack
- [ ] jboss-autopwn
- [ ] joomscan
- [ ] ~~jSQL Injection~~ GUI
- [x] katana → #12619 
- [ ] Maltego Teeth
- [x] Nikto → #1793
- [ ] OWASP ZAP
- [ ] PadBuster
- [ ] Paros
- [ ] Parsero
- [ ] plecost
- [ ] Powerfuzzer
- [ ] ProxyStrike
- [ ] Skipfish
- [x] sqlmap → #2412 
- [ ] Sqlninja
- [ ] sqlsus
- [ ] ua-tester
- [ ] Uniscan
- [ ] w3af
- [ ] WebScarab
- [ ] Webshag
- [ ] WebSlayer
- [ ] WebSploit
- [x] Wfuzz → #9896 
- [ ] WhatWeb
- [ ] WPScan
- [ ] XSSer
- [ ] zaproxy

# Forensics Tools

- [ ] ~~autopsy~~ GUI tool. It's backend is The Sleuth Kit
- [ ] The Sleuth Kit
- [x] Binwalk → #3943 
- [ ] bulk-extractor
- [ ] Capstone
- [ ] chkrootkit
- [ ] chntpw
- [ ] Cuckoo
- [ ] dc3dd
- [ ] ddrescue
- [ ] DFF
- [ ] diStorm3
- [ ] Dumpzilla → #7303
- [ ] extundelete
- [ ] Foremost
- [ ] ~~Galleta~~ Has not been updated in 15 years and is used only for a deprecated browser
- [ ] ~~Guymager~~ GUI tool
- [ ] iPhone Backup Analyzer
- [x] mat2 → #3207 
- [ ] p0f
- [ ] pdf-parser
- [ ] pdfid
- [ ] pdgmail
- [ ] peepdf
- [ ] RegRipper
- [ ] Volatility
- [ ] Xplico

# Stress Testing

- [ ] DHCPig
- [ ] FunkLoad
- [ ] iaxflood
- [ ] Inundator
- [ ] inviteflood
- [ ] ipv6-toolkit
- [ ] Reaver
- [ ] rtpflood
- [ ] SlowHTTPTest
- [ ] t50
- [ ] Termineter
- [ ] THC-IPV6
- [ ] THC-SSL-DOS

# Sniffing & Spoofing

- [ ] arpspoof
- [ ] bettercap
- [X] Burp Suite → #9104
- [ ] DNSChef
- [ ] driftnet
- [ ] dsniff
- [ ] fiked
- [ ] hamster-sidejack
- [ ] HexInject
- [ ] ettercap
- [ ] iaxflood
- [ ] inviteflood
- [ ] iSMTP
- [ ] isr-evilgrade
- [x] macchanger → #4087
- [x] mitmproxy →  #743
- [x] netcat → #145
- [ ] netsniff-ng
- [ ] ohrwurm
- [ ] protos-sip
- [ ] rebind
- [ ] responder
- [ ] rtpbreak
- [ ] rtpinsertsound
- [ ] rtpmixsound
- [ ] scapy
- [ ] sctpscan
- [ ] SIPArmyKnife
- [ ] SIPp
- [ ] SIPVicious
- [ ] SniffJoke
- [ ] SSLsplit
- [x] sslstrip → #12681
- [ ] THC-IPV6
- [ ] VoIPHopper
- [ ] WebScarab
- [ ] Wifi Honey
- [ ] ~~Wireshark~~ GUI tool, terminal equivalent is tshark
- [ ] xspy
- [ ] Yersinia
- [ ] zaproxy

# Password Attacks

- [ ] BruteSpray
- [X] Burp Suite → #9104
- [x] CeWL → #3945 
- [ ] chntpw
- [ ] cisco-auditing-tool
- [ ] CmosPwd
- [ ] creddump
- [ ] crowbar
- [x] crunch → #4719 
- [ ] fcrackzip
- [ ] findmyhash
- [ ] gpp-decrypt
- [ ] hash-identifier
- [x] Hashcat → #5900
- [ ] hashdeep
- [ ] HexorBase
- [ ] THC-Hydra → #3468 
- [x] John the Ripper → #3964 
- [ ] Johnny
- [ ] keimpx
- [ ] Maltego Teeth
- [ ] Maskprocessor
- [x] medusa → #3899
- [ ] multiforcer
- [ ] Ncrack
- [ ] oclgausscrack
- [ ] ophcrack
- [ ] PACK
- [x] patator → #16054 
- [ ] phrasendrescher
- [ ] polenum
- [ ] RainbowCrack
- [ ] rcracki-mt
- [ ] RSMangler
- [x] ~SecLists~ (a collection of wordlists, no executable)
- [ ] SQLdict
- [ ] Statsprocessor
- [ ] THC-pptp-bruter
- [ ] TrueCrack
- [ ] WebScarab
- [ ] wordlists
- [ ] zaproxy

# Maintaing Access

- [ ] beroot
- [x] ~~bloodhound~~ GUI Visualize data collected from [SharpHound](https://github.com/SpecterOps/SharpHound)
- [ ] SharpHound
- [x] CryptCat → #7226
- [ ] Cymothoa
- [ ] dbd
- [ ] dns2tcp
- [ ] dnscat2
- [ ] empire
- [ ] HTTPTunnel
- [ ] Intersect
- [ ] koadic
- [ ] meterpreter
- [ ] mimikatz
- [ ] Nishang
- [ ] polenum
- [ ] PowerSploit
- [ ] pupy
- [ ] pwnat
- [ ] pwncat
- [ ] RidEnum
- [ ] sbd
- [ ] shellter
- [ ] U3-Pwn
- [ ] Webshells
- [ ] Weevely
- [ ] Winexe

# Reverse Engineering

- [ ] angr
- [x] apktool → #4053
- [ ] dex2jar
- [ ] diStorm3
- [ ] edb-debugger
- [ ] ghidra
- [ ] jad
- [ ] javasnoop
- [ ] ~~JD-GUI~~ (Java Decompiler GUI)
- [ ] radare2
- [ ] OllyDbg
- [ ] smali
- [x] Valgrind → #1407 
- [ ] YARA

# Hardware Hacking

- [ ] androguard
- [ ] android-sdk
- [ ] android tamer
- [x] apktool → #4053 
- [ ] Arduino
- [ ] dex2jar
- [ ] frida
- [ ] mastg
- [ ] mobsf
- [ ] nethunter
- [ ] quark engine
- [ ] Sakis3G
- [ ] smali

# Reporting Tools

- [ ] CaseFile
- [ ] cherrytree
- [ ] CutyCapt
- [ ] defectdojo
- [x] dos2unix → #4024 
- [ ] Dradis
- [ ] Lair-framework
- [ ] MagicTree
- [ ] Metagoofil
- [ ] Nipper-ng
- [ ] pipal
- [ ] RDPY
- [ ] serpico

# Exploit Development

- [ ] armitage
- [ ] commix 
- [ ] exploit pack
- [ ] metasploit
- [x] msfvenom #3476 
- [ ] ptf
- [x] pwntools #12352 
- [ ] ropper
- [ ] routersploit
- [ ] shellnoob
- [ ] ysoserial

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Let's document: pen-testing tools #6863

Information Gathering:

Vulnerability Analysis:

Wireless Attacks

Web Applications

Forensics Tools

Stress Testing

Sniffing & Spoofing

Password Attacks

Maintaing Access

Reverse Engineering

Hardware Hacking

Reporting Tools

Exploit Development

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Let's document: pen-testing tools #6863

Description

Information Gathering:

Vulnerability Analysis:

Wireless Attacks

Web Applications

Forensics Tools

Stress Testing

Sniffing & Spoofing

Password Attacks

Maintaing Access

Reverse Engineering

Hardware Hacking

Reporting Tools

Exploit Development

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions