Note: Below are the only tools which are installed by default in PentestBox. But you can
also install other tools through ToolsManager. To see the list of tools which can be
installed through ToolsManager, visit modules.pentestbox.org .
Let's say you want to use SQLMap. You can see its description below in the Web
Application Scanner section, where you will find something like the following:
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> sqlmap
The console above with sqlmap in it tells you that sqlmap is the alias to use when you
need SQLMap. If you are not familiar with the tool and its functions, type
something like sqlmap -h on the console; it will display all the possible functions of that
tool, sqlmap in our case.
To keep things short, only the aliases of each tool are listed below its name.
I hope you will enjoy using PentestBox :)
View our demo video below to know more about usage of PentestBox.
https://tools.pentestbox.org/ 1/32
7/24/2017 PentestBox Tools
C:\Users\Aditya Agrawal\Desktop
> burpsuite
C:\Users\Aditya Agrawal\Desktop
> commix
C:\Users\Aditya Agrawal\Desktop
> dotdotpwn
fimap - fimap is a little Python tool which can find, prepare, audit, exploit and
even google automatically for local and remote file inclusion bugs in webapps.
fimap should be something like sqlmap just for LFI/RFI bugs instead of sql
injection. It's currently under heavy development but it's usable.
Author: Iman Karim
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> fimap
C:\Users\Aditya Agrawal\Desktop
> golismero
C:\Users\Aditya Agrawal\Desktop
> jSQL
Nikto - Nikto is an Open Source (GPL) web server scanner which performs
comprehensive tests against web servers for multiple items, including over 6700
potentially dangerous files/programs, checks for outdated versions of over 1250
servers, and version specific problems on over 270 servers.
Author: Cirt.net
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> nikto
C:\Users\Aditya Agrawal\Desktop
> padbuster
SqlMap - sqlmap is an open source penetration testing tool that automates the
process of detecting and exploiting SQL injection flaws and taking over of
database servers. It comes with a powerful detection engine, many niche
features for the ultimate penetration tester and a broad range of switches lasting
from database fingerprinting, over data fetching from the database, to accessing
the underlying file system and executing commands on the operating system via
out-of-band connections.
Author: Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> sqlmap
Vega - Vega is a free and open source scanner and testing platform to test the
security of web applications. Vega can help you find and validate SQL Injection,
Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and
other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and
Windows.
Author: Subgraph
License: Eclipse Public License 1.0
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> vega
C:\Users\Aditya Agrawal\Desktop
> wpscan
Yasuo - Yasuo is a ruby script that scans for vulnerable 3rd-party web
applications. While working on a network security assessment (internal, external,
redteam gigs etc.), we often come across vulnerable 3rd-party web applications
or web front-ends that allow us to compromise the remote server by exploiting
publicly known vulnerabilities. Some of the common & favorite applications are
Apache Tomcat administrative interface, JBoss jmx-console, Hudson Jenkins and
so on.
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> yasuo
Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web applications. It is
designed to be used by people with a wide range of security experience and as
such is ideal for developers and functional testers who are new to penetration
testing as well as being a useful addition to an experienced pen tester's toolbox.
Author: Simon Bennetts
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> zap
C:\Users\Aditya Agrawal\Desktop
> burpsuite
Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web applications. It is
designed to be used by people with a wide range of security experience and as
such is ideal for developers and functional testers who are new to penetration
testing as well as being a useful addition to an experienced pen tester's toolbox.
Author: Simon Bennetts
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> zap
CMSmap - CMSmap is a python open source CMS scanner that automates the
process of detecting security flaws of the most popular CMSs. The main purpose
of CMSmap is to integrate common vulnerabilities for different types of CMSs in a
single tool.
Author: Dionach
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> cmsmap
C:\Users\Aditya Agrawal\Desktop
> droopescan
C:\Users\Aditya Agrawal\Desktop
> joomscan
C:\Users\Aditya Agrawal\Desktop
> wpscan
C:\Users\Aditya Agrawal\Desktop
> vbscan
Web Crawlers
Dir Buster - DirBuster is a multi-threaded Java application designed to brute force
directory and file names on web/application servers.
Author: OWASP.org
License: Apache 2.0
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> dirbuster
Burp Suite - Burp Suite is an integrated platform for performing security testing of
web applications. Its various tools work seamlessly together to support the entire
testing process, from initial mapping and analysis of an application's attack
surface, through to finding and exploiting security vulnerabilities.
Author: Portswigger
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> burpsuite
Information Gathering
Angry IP Scanner - Angry IP Scanner (or simply ipscan) is an open-source and
cross-platform network scanner designed to be fast and simple to use. It scans IP
addresses and ports and has many other features. It is widely used by
network administrators and just curious users around the world, including large
and small enterprises, banks, and government agencies.
Author: Anton Keks
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> ipscan
C:\Users\Aditya Agrawal\Desktop
> dnsrecon
C:\Users\Aditya Agrawal\Desktop
> golismero
C:\Users\Aditya Agrawal\Desktop
> instarecon
Nmap - Nmap ("Network Mapper") is a free and open source (license) utility for
network discovery and security auditing. Many systems and network
administrators also find it useful for tasks such as network inventory, managing
service upgrade schedules, and monitoring host or service uptime. Nmap uses
raw IP packets in novel ways to determine what hosts are available on the
network, what services (application name and version) those hosts are offering,
what operating systems (and OS versions) they are running, what type of packet
filters/firewalls are in use, and dozens of other characteristics. It was designed to
rapidly scan large networks, but works fine against single hosts. Nmap runs on all
major computer operating systems, and official binary packages are available for
Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap
executable, the Nmap suite includes an advanced GUI and results viewer
(Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility
for comparing scan results (Ndiff), and a packet generation and response analysis
tool (Nping).
Author: Fyodor
License: GPLv2
Note: In order to use Nmap, you first need to install the WinPcap packet capturing
library, which can be downloaded from Winpcap.org.
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> nmap
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> ncat
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> ndiff
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> nping
C:\Users\Aditya Agrawal\Desktop
> responder
SnmpWalk - SnmpWalk allows you to detect a set of variables that are available
for reading on a certain device. You can obtain a full list or just part. By analyzing
the results of a network device scan obtained with SnmpWalk you can develop a
list of supported MIBs and, in this way, obtain full descriptions of variables and
possible values.
Author: SnmpSoft Company
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> snmpwalk
C:\Users\Aditya Agrawal\Desktop
> spiderfoot
C:\Users\Aditya Agrawal\Desktop
> testsslserver
SSlStrip - It will transparently hijack HTTP traffic on a network, watch for HTTPS
links and redirects, then map those links into either look-alike HTTP links or
homograph-similar HTTPS links. It also supports modes for supplying a favicon
which looks like a lock icon, selective logging, and session denial.
Author: Moxie Marlinspike
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> sslstrip
SSLyze - SSLyze is a Python tool that can analyze the SSL configuration of a
server by connecting to it. It is designed to be fast and comprehensive, and
should help organizations and testers identify misconfigurations affecting their
SSL servers.
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> sslyze
C:\Users\Aditya Agrawal\Desktop
> sslscan
C:\Users\Aditya Agrawal\Desktop
> sublist3r
Subbrute - SubBrute is a community driven project with the goal of creating the
fastest, and most accurate subdomain enumeration tool. Some of the magic
behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent
DNS rate-limiting. This design also provides a layer of anonymity, as SubBrute
does not send traffic directly to the target's name servers.
Author: Mike Brooks
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> subbrute
C:\Users\Aditya Agrawal\Desktop
> automater
UrlCrazy - Generate and test domain typos and variations to detect and perform
typo squatting, URL hijacking, phishing, and corporate espionage.
Author: Andrew Horton
License: Non-Commercial
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> urlcrazy
C:\Users\Aditya Agrawal\Desktop
> theharvester
C:\Users\Aditya Agrawal\Desktop
> wireshark
Exploitation Tools
Beef Project - BeEF is short for The Browser Exploitation Framework. It is a
penetration testing tool that focuses on the web browser.
Author: Wade Alcorn
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> beefproject
C:\Users\Aditya Agrawal\Desktop
> crackmapexec
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> msfconsole
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> msfvenom
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> msfelfscan
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> msfbinscan
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> msfpescan
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> msfd
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> msfmachscan
SqlMap - sqlmap is an open source penetration testing tool that automates the
process of detecting and exploiting SQL injection flaws and taking over of
database servers. It comes with a powerful detection engine, many niche
features for the ultimate penetration tester and a broad range of switches lasting
from database fingerprinting, over data fetching from the database, to accessing
the underlying file system and executing commands on the operating system via
out-of-band connections.
Author: Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> sqlmap
Password Attacks
Burp Suite - Burp Suite is an integrated platform for performing security testing of
web applications. Its various tools work seamlessly together to support the entire
testing process, from initial mapping and analysis of an application's attack
surface, through to finding and exploiting security vulnerabilities.
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> burpsuite
C:\Users\Aditya Agrawal\Desktop
> findmyhash
C:\Users\Aditya Agrawal\Desktop
> hashidentifier
C:\Users\Aditya Agrawal\Desktop
> hashcat-cli32
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> hashcat-cli64
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> hashcat-cliXOP
LaZagne - The LaZagne project is an open source application used to retrieve lots
of passwords stored on a local computer. Each software stores its passwords
using different techniques (plaintext, APIs, custom algorithms, databases, etc.).
This tool has been developed for the purpose of finding these passwords for the
most commonly-used software. At this moment, it supports 22 Programs on
Microsoft Windows and 12 on a Linux/Unix-Like OS.
Author: AlessandroZ
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> lazagne
John the Ripper - John the Ripper is a fast password cracker, currently available
for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary
purpose is to detect weak Unix passwords. Besides several crypt(3) password
hash types most commonly found on various Unix systems, supported out of the
box are Windows LM hashes, plus lots of other hashes and ciphers in the
community-enhanced version.
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> johntheripper
Patator - Patator was written out of frustration from using Hydra, Medusa,
Ncrack, Metasploit modules and Nmap NSE scripts for password guessing
attacks. I opted for a different approach in order to not create yet another brute-
forcing tool and avoid repeating the same shortcomings. Patator is a multi-
threaded tool written in Python, that strives to be more reliable and flexible than
his fellow predecessors.
Author: Sebastien MACKE
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> patator
C:\Users\Aditya Agrawal\Desktop
> rcrack
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rt2rtc
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rtc2rt
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rtgen
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rtsort
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rcrack_cl
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rcrack_cl_gui
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rcrack_cuda
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> rcrack_cuda_gui
C:\Users\Aditya Agrawal\Desktop
> hydra
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> pw-inspector
Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web applications. It is
designed to be used by people with a wide range of security experience and as
such is ideal for developers and functional testers who are new to penetration
testing as well as being a useful addition to an experienced pen tester's toolbox.
Author: Simon Bennetts
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> zap
Android Security
AndroBugs Framework - AndroBugs Framework is an Android vulnerability
analysis system that helps developers or hackers find potential security
vulnerabilities in Android applications. No splendid GUI interface, but the most
efficient (less than 2 minutes per scan on average) and more accurate.
Author: AndroBugs
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androbugs
C:\Users\Aditya Agrawal\Desktop
> androapkinfo
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androarsc
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androauto
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androaxml
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androcsign
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androdd
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androdiff
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androdis
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androgui
Androwarn - Androwarn is a tool whose main aim is to detect and warn the user
about potential malicious behaviours developed by an Android application.
Author: Thomas D
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> androwarn
ApkTool - A tool for reverse engineering 3rd party, closed, binary Android apps. It
can decode resources to nearly original form and rebuild them after making
some modifications; it makes it possible to debug smali code step by step. Also it
makes working with an app easier because of project-like file structure and
automation of some repetitive tasks like building apk, etc.
C:\Users\Aditya Agrawal\Desktop
> apktool
C:\Users\Aditya Agrawal\Desktop
> bytecodeviewer
C:\Users\Aditya Agrawal\Desktop
> d2j-dex2jar
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> d2j-dex2smali
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> d2j-jar2dex
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> d2j-decrypt-string
C:\Users\Aditya Agrawal\Desktop
> jadx
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> jadx-gui
JD-GUI - JD-GUI is a standalone graphical utility that displays Java source codes
of .class files. You can browse the reconstructed source code with the JD-GUI
for instant access to methods and fields.
License: Free for Non-Commercial Use
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> jd-gui
Pidcat - Colored logcat script which only shows log entries for a specific
application package.
Author: Jake Wharton
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> pidcat
Reverse Engineering
ApkTool - A tool for reverse engineering 3rd party, closed, binary Android apps. It
can decode resources to nearly original form and rebuild them after making
some modifications; it makes it possible to debug smali code step by step. Also it
makes working with an app easier because of project-like file structure and
automation of some repetitive tasks like building apk, etc.
Author: Connor Tumbleson, Ryszard Wiśniewski
License: Apache v2.0
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> apktool
C:\Users\Aditya Agrawal\Desktop
> d2j-dex2jar
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> d2j-dex2smali
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> d2j-jar2dex
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> d2j-decrypt-string
Jad - Jad provides a command-line user interface to extract source code from
class files.
Author: Pavel Kouznetsov
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> jad
JD-GUI - JD-GUI is a standalone graphical utility that displays Java source codes
of .class files. You can browse the reconstructed source code with the JD-GUI
for instant access to methods and fields.
Author: Emmanuel Dupuy
License: Free for Non-Commercial Use
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> jd-gui
C:\Users\Aditya Agrawal\Desktop
> javasnoop
C:\Users\Aditya Agrawal\Desktop
> ollydbg
C:\Users\Aditya Agrawal\Desktop
> radare2
C:\Users\Aditya Agrawal\Desktop
> radare2directory
cmd.exe
C:\PentestBox\bin\ReverseEngineering\radare2
$ radare2.exe -c=H rax2.exe
C:\Users\Aditya Agrawal\Desktop
> smali
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> baksmali
Stress Testing
THC-SSL-DOS - The THC-SSL-DOS tool is a Proof Of Concept tool to disclose
fishy security in SSL. It works great if the server supports SSL Renegotiation. It
still works if SSL Renegotiation is not supported but requires some modifications
and more bots before an effect can be seen.
Author: The Hackers Choice
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> thc-ssl-dos
Sniffing
Burp Suite - Burp Suite is an integrated platform for performing security testing of
web applications. Its various tools work seamlessly together to support the entire
testing process, from initial mapping and analysis of an application's attack
surface, through to finding and exploiting security vulnerabilities.
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> burpsuite
C:\Users\Aditya Agrawal\Desktop
> dnschef
C:\Users\Aditya Agrawal\Desktop
> ettercap
ngrep - ngrep is a pcap-aware tool that will allow you to specify extended
regular expressions to match against data payloads of packets.
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> ngrep
C:\Users\Aditya Agrawal\Desktop
> networkminer
C:\Users\Aditya Agrawal\Desktop
> responder
SSlStrip - It will transparently hijack HTTP traffic on a network, watch for HTTPS
links and redirects, then map those links into either look-alike HTTP links or
homograph-similar HTTPS links. It also supports modes for supplying a favicon
which looks like a lock icon, selective logging, and session denial.
Author: Moxie Marlinspike
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> sslstrip
C:\Users\Aditya Agrawal\Desktop
> windump
C:\Users\Aditya Agrawal\Desktop
> wireshark
Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web applications. It is
designed to be used by people with a wide range of security experience and as
such is ideal for developers and functional testers who are new to penetration
testing as well as being a useful addition to an experienced pen tester's toolbox.
Author: Simon Bennetts
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> zap
Forensic Tools
Bulk Extractor - bulk_extractor is a computer forensics tool that scans a disk
image, a file, or a directory of files and extracts useful information without
parsing the file system or file system structures. The results can be easily
inspected, parsed, or processed with automated tools. bulk_extractor also
creates histograms of features that it finds, as features that are more common
tend to be more important. The program can be used for law enforcement,
defense, intelligence, and cyber-investigation applications.
Author: Simson L. Garfinkel
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> bulkextractor
C:\Users\Aditya Agrawal\Desktop
> captipper
browsers to be analyzed. Due to its Python 3.x development, it might not work
properly in old Python versions, mainly with certain characters. Works under
Unix and Windows 32/64 bits systems. Works in command line interface, so
information dumps could be redirected by pipes with tools such as grep, awk,
cut, sed
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> dumpzilla
C:\Users\Aditya Agrawal\Desktop
> loki
C:\Users\Aditya Agrawal\Desktop
> make-pdf-embedded
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> make-pdf-javascript
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> pdfsh
C:\Users\Aditya Agrawal\Desktop
> pedump
PDF Parser - This tool will parse a PDF document to identify the fundamental
elements used in the analyzed file. It will not render a PDF document.
Author: Didier Stevens
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> pdf-parser
pdfid - This tool is not a PDF parser, but it will scan a file to look for certain PDF
keywords, allowing you to identify PDF documents that contain (for example)
JavaScript or execute an action when opened. PDFiD will also handle name
obfuscation.
Author: Didier Stevens
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> pdfid
PeePDF - peepdf is a Python tool to explore PDF files in order to find out if the file
can be harmful or not. The aim of this tool is to provide all the necessary
components that a security researcher could need in a PDF analysis without
using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the
objects in the document showing the suspicious elements, supports the most
used filters and encodings, it can parse different versions of a file, object streams
and encrypted files.
Author: Jose Miguel Esparza
License: GPLv3
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> peepdf
RAT Decoders - This Repo will hold a collection of Python Scripts that will extract
and decode the configuration settings from common rats.
Author: kevthehermit
C:\Users\Aditya Agrawal\Desktop
> rekall
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> winpmem
C:\Users\Aditya Agrawal\Desktop
> volatility
Wireless Attacks
Aircrack-ng - Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program
that can recover keys once enough data packets have been captured. It
implements the standard FMS attack along with some optimizations like KoreK
attacks, as well as the all-new PTW attack, thus making the attack much faster
compared to other WEP cracking tools.
Author: Thomas d'Otreppe, Original work: Christophe Devine
License: GPLv2
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> airbase-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> aircrack-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> aircrack-ng-GUI
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> airdecap-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> airdecloak-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> aireplay-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> airodump-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> airolib-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> airtun-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> besside-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> easside-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> ivstools
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> kstats
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> makeivs-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> packetforge-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> tkiptun-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> wesside-ng
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> wpaclean
Text Editors
To make PentestBox more awesome, I have added Atom and vim as its text editors.
When you open Atom, it splits the screen with Atom on one side and your terminal
on the other side, while vim runs in the same tab. Atom's split view makes
reporting much easier by giving access to the console and the editor on the same screen.
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> atom
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> vim
Linux Utilities
PentestBox provides nearly all Linux utilities in a Windows environment. Below is
the list of the Linux utilities which are inside PentestBox:
antiword, basename, bash, bison, bzip2, cat, chmod, cmp, connect, cp, curl, cut, date,
diff, dirname, du, env, expr, false, find, flex, gawk, git, grep, gunzip, gzip, head, id, kill,
mkdir, md5sum, ls, ln, mv, openssl, patch, ps, rebase, rm, rmdir, scp, sh, ssh-keygen,
touch, tr, true, uname, uniq, unzip, wc, xargs
To make PentestBox more awesome we have also included HTTPie. HTTPie is a
command line HTTP client. Its goal is to make CLI interaction with web services as
human-friendly as possible. It provides a simple http command that allows for sending
arbitrary HTTP requests using a simple and natural syntax, and displays colorized
output. HTTPie can be used for testing, debugging, and generally interacting with HTTP
servers.
Browser
PentestBox also contains a modified version of Mozilla Firefox with all the security
addons preinstalled in it. To see all the addons which are preinstalled in it, click here
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> firefox
cmd.exe
C:\Users\Aditya Agrawal\Desktop
> sqlitebrowser
Disclaimer
All the tools contained in PentestBox belong to their individual developers, whose
names are mentioned above alongside their respective tools. All credits for those tools go to
their respective developers. All the tools are maintained inside the bin folder; no
tool/product has been modified unless specified in the product description above.
Tools are directly fetched from the respective GitHub repositories and/or their product
websites. All copyright notices, license files, and disclaimer files are maintained in their
respective folders if given on their product's site/pages.
The developer assumes no liability and is not responsible for any misuse or damage
caused by this program. Do not use it for illegal purposes!