Pentest tools
1 min read

Pentest tools

List of tools for pentesting.
Pentest tools

Recon

  • nmap : Port / Service scanner

Web

  • gobuster / wfuzz / ffuf : Bruteforce URL / VHOST / ...
  • burpsuite : Proxy for HTTP request
  • sqlmap : SQL injection tool
  • wpscan : Vulnerability scanner for Wordpress
  • nikto : Web vulnerability scanner
  • wappalyzer : Identify technologies used by a web page

CVE

  • Searchsploit / exploitdb : Find CVE
  • metasploit : Swissknife

Privilege escalation

  • linpeas / LinEnum : Enumerating scripts
  • linuxprivchecker : Check for CVE
  • psspy : Snoop processes

Password cracker

  • JohnTheRipper : CPU Password cracker
  • hashcat : GPU password cracker

Enjoying these posts? Subscribe for more