My Personal Favorite Hacking Tools

A complete list of the tools I use daily on my pentesting assessments and CTF competitions, from recon to post exploitation.

Published on May 27, 2020

Every now and then you may ask yourself if the tools you are using are working as good as they can, most times you’d be disappointed to know there’s a shiny newer tool that does everything you wanted the old one to do and more. For that matter I’ve compiled a list of my favorite tools that I use pretty much daily.

I’ll break them down per category, for readiness purposes, feel free to view each and every tool independently by clicking their corresponding link. Shall we begin?


The type of tools you’d probably want to use in order to discover basic information about your target.

  • Nmap - The Network Mapper.
  • dig - DNS Lookup Utility.
  • Wpscan - WordPress Security Scanner.


Looking for more pages/files on a website? use the tool below and find them.

  • Gobuster - Directory/File, DNS and VHost Busting Tool.


Sometimes we have to fuzz in order to find an attack vector, in that case I’d use these:

  • Wfuzz - Web Application Fuzzer.
  • fuff - Fast Web Fuzzer.


A bunch of exploits and utilities packed into a big framework, Empire is Windows-only though.

  • Metasploit - Metasploit Framework.
  • Empire - PowerShell/Python Post Exploitation Framework.


SQL Injection tools for automatic exploitation, because going manual usually takes a lot of time.

  • sqlmap - Automatic SQLi and Database Takeover Tool.
  • NoSQLMap - Automated NoSQL Database Enumeration Tool.


In need of a reverse/socks5 proxy or a tunnel? I’ve got your covered:

  • chisel - A fast TCP tunnel over HTTP.
  • Burpsuite - Proxy and Security Tools.


If you are in need of tools to reverse a binary you’d probably want to check out the tools below.

  • radare2 (cutter) - Reverse Engineering Framework.
  • dnSpy - .NET Debugger and Assembly Editor.

Text Editors

Text editors for days. Sublime is not on the list because it’s a paid software.

  • Atom - The Hackable Text Editor.
  • nano - Enhanced Free Pico Clone.


Looking for quality wordlists to crack and/or find anything? These resources will save you a lot of time:


Use these if you need to inspect/sniff packets.


The coolest tools if you’d ask me. You can find a great deal of information with OSINT these days.

  • Twint - Twitter Scraping & OSINT Tool.
  • recon-ng - Open Source Intelligence Gathering Tool.
  • theharvester - E-mails, Subdomains and Names Harvester.
  • Google - Google Dorking.


Need to crack a hash? Here you go. Try using Crackstation first though, if your hash is of a common type, of course.

  • hashcat - Hash Cracking/Password Recovery Utility.
  • john - Fast Password Cracker.
  • Crackstation - Online Password Hash Cracker.

Exploit Databases

The biggest exploit database you will find.

BOF (Mostly CTF)

A collection of tools for when you encounter a buffer overflow vulnerability.

  • ropstar - Automatic Exploit Generator.
  • pwntools - CTF Framework and Exploit Development Library.


Privilege escalation checkers for both platforms, so you won’t miss anything. I personally never use the Linux ones but you might find them useful.

  • lse - Linux Enumeration Tool.
  • LinEum - Scripted Local Linux Enumeration & Privilege Escalation Checks.
  • winPEAS - Local Windows Privilege Escalation Enumerator.
  • PowerUp - Clearing House of Common Privilege Escalation Checks.

Active Directory

Windows helper for advanced privilege escalation paths through Active Directory.

Thanks for reading and happy hacking!


Marlos Pomin
Full Stack Developer & Retoucher based in Brazil, also a casual pentester.