Your daily toolbox as a pentester

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/cybersecurity

Our great sponsors
  • Scout APM - Less time debugging, more time building
  • SonarLint - Clean code begins in your IDE with SonarLint
  • SaaSHub - Software Alternatives and Reviews
  • hackingtool

    ALL IN ONE Hacking Tool For Hackers

    Hacking Tool : this GitHub provides a huge software toolbox holding many hacking tools

  • securitytools

    quality opensauce projects 👨‍👩‍👧‍👦📓🔎

    Security Tools : another GitHub gathering a lot of hacking tools

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • SQLMap

    Automatic SQL injection and database takeover tool

    Sqlmap is useful to search SQL injections

  • testssl.sh

    Testing TLS/SSL encryption anywhere on any port

    testssl is useful to search for TLS issues

  • feroxbuster

    A fast, simple, recursive content discovery tool written in Rust.

    feroxbuster to do some web app browsing (you have also gobuster)

  • gobuster

    Directory/File, DNS and VHost busting tool written in Go

    feroxbuster to do some web app browsing (you have also gobuster)

  • mimikatz

    A little tool to play with Windows security

    mimikatz is a tool useful to work on Windows security, for example to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory

  • SonarLint

    Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

  • BloodHound

    Six Degrees of Domain Admin

    BlookdHound is useful to reveal the hidden and often unintended relationships within an Active Directory or Azure environment

  • awesome-hacker-search-engines

    A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more

    Awsome Hacker Search Engines : this GitHub gathers web sites to search some exploits and tools, depending on some hacking categories

  • SecLists

    SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

    Sec Lists : this GitHub provides a lots of lists useful during penetration testing (like common usernames, passwords, URLs, sensitive data patterns, etc ...)

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts