Every now and then you may ask yourself whether the tools you are using are working as well as they can; most times you’d be disappointed to know there’s a shiny newer tool that does everything you wanted the old one to do and more. For that reason I’ve compiled a list of my favorite tools that I use pretty much daily.
I’ll break them down per category for readability purposes. Feel free to view each and every tool independently by clicking its corresponding link. Shall we begin?
The type of tools you’d probably want to use in order to discover basic information about your target.
Looking for more pages/files on a website? Use the tool below and find them.
- Gobuster - Directory/File, DNS and VHost Busting Tool.
Sometimes we have to fuzz in order to find an attack vector; in that case I’d use these:
A bunch of exploits and utilities packed into a big framework. Empire is Windows-only though.
SQL Injection tools for automatic exploitation, because going manual usually takes a lot of time.
- sqlmap - Automatic SQLi and Database Takeover Tool.
- NoSQLMap - Automated NoSQL Database Enumeration Tool.
In need of a reverse/socks5 proxy or a tunnel? I’ve got you covered:
If you are in need of tools to reverse a binary, you’d probably want to check out the tools below.
Text editors for days. Sublime is not on the list because it’s paid software.
Looking for quality wordlists to crack and/or find anything? These resources will save you a lot of time:
- Seclists - A Huge Collection of Wordlists.
- Crackstation - Huge Password Wordlist.
- CeWL - Custom Wordlist Generator.
Use these if you need to inspect/sniff packets.
The coolest tools, if you ask me. You can find a great deal of information with OSINT these days.
- Twint - Twitter Scraping & OSINT Tool.
- recon-ng - Open Source Intelligence Gathering Tool.
- theharvester - E-mails, Subdomains and Names Harvester.
- Google - Google Dorking.
Need to crack a hash? Here you go. Try using Crackstation first though, if your hash is of a common type, of course.
- hashcat - Hash Cracking/Password Recovery Utility.
- john - Fast Password Cracker.
- Crackstation - Online Password Hash Cracker.
The biggest exploit database you will find.
- exploit-db - Exploit Database.
BOF (Mostly CTF)
A collection of tools for when you encounter a buffer overflow vulnerability.
Privilege escalation checkers for both platforms, so you won’t miss anything. I personally never use the Linux ones but you might find them useful.
- lse - Linux Enumeration Tool.
- LinEnum - Scripted Local Linux Enumeration & Privilege Escalation Checks.
- winPEAS - Local Windows Privilege Escalation Enumerator.
- PowerUp - Clearing House of Common Privilege Escalation Checks.
Windows helper for advanced privilege escalation paths through Active Directory.
Thanks for reading and happy hacking!