Pentesting Tools I Use Everyday

This page summarizes the projects mentioned and recommended in the original post on dev.to
hardware-buttons linkedin-bot template-engine-js

InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  1. ZAP

    The ZAP by Checkmarx Core project

    Learn more about ZAP here: https://www.zaproxy.org/

  2. InfluxDB

    InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

    InfluxDB logo

  3. ffuf

    Fast web fuzzer written in Go

    Learn more about ffuf here: https://github.com/ffuf/ffuf

  4. john

    John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

    Learn more about John the Ripper here: https://www.openwall.com/john/

  5. dirsearch

    Web path scanner

    Learn more about dirsearch here: https://github.com/maurosoria/dirsearch

  6. Metasploit

    Metasploit Framework

    Learn more about Metasploit here: https://www.metasploit.com/

  7. gau

    Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

    Learn more about gau here: https://github.com/lc/gau

  8. SQLMap

    Automatic SQL injection and database takeover tool

    Learn more about sqlmap here: https://sqlmap.org/

  9. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  10. nuclei

    Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

    Learn more about nuclei here: https://nuclei.projectdiscovery.io/

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • ffuf/ffuf

    1 project | /r/RedSec | 3 May 2021

  • why brute force website url?

    1 project | /r/HowToHack | 11 Mar 2021

  • Bug Bounty Hidden Treasures

    1 project | dev.to | 26 Mar 2025

  • How to Explore an Exposed .git

    1 project | dev.to | 22 Aug 2024

  • Show HN: Pfuzz, a web fuzzer following the Unix philosophy

    6 projects | news.ycombinator.com | 21 Jan 2024
Loading...