Penitration Testing Tools

Sr.No. 1 Main Category Information Gathering Sub-Category-1 Network Analysis Sub-Category-2 OS Fingerprinting Testing Tools nmap, p0f, sctpscan, xprobe2, Zenmap autoscan, implementation6, inplementation6d, lanmap2, nmap, zenmap, netifera, scapy, dcntest,unicornscan, unicornscan-pgsql-setup

Network Scanners

Network Traffic Analysis DNS Analysis

IdentifyLive Hosts

IDS IPS Identification Route Analysis

scapy, tcpdump, tshark, wireshark, xplico, xplico web gui dnsmap, dnsdict6, dnsenum, dnsrecon, dnstracer, dnswalk, fierce, lbd, maltego, reverseriader 0trace, alive6, arping, detect-new-ip6, fping, hping2, hping3, netdiscover, netifera, nmap, nping, pbnj, sctpscan, svwar, trace6, traceoute, zenmap fragroute, fragrouter, ftester, hexinject, sniffjoke, pytbull dmitry, irpas_suite, itrace, lanmap2, netenum, netmask, protos, scapy, tcptraceroute, tctrace amap, dmitry, httprint, httsquash, miranda, nbtscan, ncat, nmap, sslscan, zenmap samrdump, smbclient maltego, nmap, smtprc, smtpscan, smtp-userenum, swaks, zenamp admsnmp, braa, onesixtyone, snmpcheck, snmpenum

Service Fingerprinting SMB Analysis SMTP Analysis SNMP Analysis

Page 1 of 7

Sr.No.

Main Category

Sub-Category-1

Sub-Category-2 SSL Analysis Telephony Analysis VOIP Analysis OSINT Analysis VPN Analysis

Testing Tools ssldump, sslh, sslsniff, sslstrip, testssl.sh, thcsslcheck, tlssled iwar, svmap, warvox, dedected iwar, smap, ace, sip-scan, enumiax creepy fiked, ike-scan blindelephant, cms-explorer, whatweb, wpscan ua-tester, waffit ghdb, maltego, revhosts, revhosts-cli, xssed webshag-cli, webshag-gui, sqlscan sqlbrute, sqlmap, sqlninja, sqllhf, sqldict sqlmap sqlbrute, sqlmap, osd, ose, dbpwaudit, getsids, opwg, oscanner, otnsctl, sidguesser, oquery, opwg bluediving, btscanner airodump-ng, qiskismet, kismet, pcapdump, ssidsniff, wifitap, xgps Nessus register, nessus start, nessus user add

Web Application Analysis

CMS Identification IDS IPS Identification Open Source Analysis Web Crawlers

Database Analysis

MSSQL Analysis MySQL Analysis Oracle Analysis

Wireless Analysis

BlueTooth Analysis WLAN Analysis

Vulnerability Assessment

Vulnerability Scanners

Nessus

Page 2 of 7

2 Vulnerability Main Category Sr.No. Assessment

Vulnerability Scanners Sub-Category-1

Sub-Category-2

Testing Tools Openvas adduser, Openvas check Setup, Openvas Mkcert, Openvas NVT Sync, Start Greenbone Security Assistant, Start Greenbone Security Desktop, Start Openvas Administrator, Start Openvas Cli, Start Opnevas Manager, Start Openvas Scanner, Stop Greenbone Security Assistant, Stop Opnevas adminstrator, Stop Openvas Cli, Stop Openvas Manager, Stop Openvas Scanner

OpenVAS

mantra Network Assessment Cisco Tools Network Fuzzers Open Source Assessment VOIP Fuzzers Web Application Assessment CMS Vulnerability Identification Web Application Fuzzers Web Application Proxies Web Open Source Assessment
Web Vulnerability Scanners

cisco-auditing-tool, cisco-ocs, cisco passwd scanner, copy-router-config, merge-routerconfig, Cisco-torch, tftp-bruteforce bed, fuzz_ip6, sfuzz, sickfuzz, spike mitre-cve, osvdb ohrwurm, protos-sip, voiper ioomscan, plecost, wpscan dirbuster, powerfuzzer, rfuzz, untidy, webshagcli, webshag-gui, webslayer, xssfuzz, xssfuzzstart, xssfuzz-stop burpsuite, owasp-zap goohost, gooscan, metagoofil, mitre-cve, osvdb, shodan, theharvestr
asp-auditor, burpsuite, grabber, grendel-scan, mopest, nikto, skipfish, sqlmap, w3af console, w3af gui, wapiti, wstool, owasp-zap, proxystrike, vega, webscarab, uniscan

Page 3 of 7

Sr.No.

Main Category

Sub-Category-1
Database Assessment

Sub-Category-2
MSSQL Assessment MySQL Assessment Oracle Assessment

Testing Tools
sqlbrute, sqlmap, sqlninja, sqllhf, sqldict sqlmap sqlbrute, sqlmap, osd, ose, dbpwaudit, getsids, opwg, oscanner, otnsctl, sidguesser, oquery, opwg cisco-global-exploiter, tftp-bruteforce fasttrack-cli, fasttrack-interactive, fasttrack-web armitage, msfcli, msfconsole, msfupdate sapyto isr-evilgrade asp-auditor, darksqli, fimap, padbuster, sqlmap, sslstrip, w3af console, w3af gui, xsser, websecurify, sqlninja, oscanner sqlmap, sqlninja sqlmap sqlmap, sqlninja, osd, ose, dbpwaudit, getsids, opwg, oscanner, otnsctl, sidguesser, oquery, opwg atshell, bluediving, bluemaho, btftp, redfang aircrack-ng, airmon-ng, airodump-ng, freeradius-wpe, freeradui-wpe setup, gerix-wificracker-ng, pcapgetiv, weakivgen, wepcrack beef, beef-ng honeyd, honeydctl, spamhole

Exploitation Tools

Network Exploitation Tools

Cisco Attacks Fast-Track Metasploit Framework SAP Exploitation

Web Exploitation Tools Database Exploitation Tools MSSQL Exploitation Tools MySQL Exploitation Tools Oracle Exploitation Tools Wireless Exploitation Tools BlueTooth Exploitation Tools WLAN Exploitation Tools Social Engineering Tools

BEEF XSS Framework Honeypots

Page 4 of 7

Social Engineering Tools

Sr.No.

Main Category

Sub-Category-1

Sub-Category-2
Social Engineering ToolKit set, set-web

Testing Tools

Open Source Exploitation

Exploit-DB Online Archives

exploitdb directory, exploitdb search securityfocus, osvdb, mitre-cve oclhashcat+ (ATI), oclhashcat+(Nvidia) asleep, chntpw, cowpatty, cupp, dictstat, eapmd5pass, fcrackzip, genkeys, hashcat, hashcat-utils, john the ripper, maskgen, oclhashcat+(Nvidia), oclhashcat+(ATI), oclhashcat-lite(ATI), oclhashcat-lite(Nvidia), policygen, sipcrack, sipdump, crunch cewl, hydra, hydra-gtk, medusa, ncrack, svcrack, keimpx, sqldict, sqllhf videojak rtpinject, rtpinsertsound, rtpmixsound tcpdump, wireshark, tshark, ettercap-gtk, ettercap-ng, dsniff, fake_router6, driftnet, parasite6, redir6, scapy, darkstat, ferret, hamster rtpbreak, voipctl, voipong, ferret fake_mipv6, fake_router6, fake_mld26, fake_mld6, fake_mldrouter6, fiked, fuzz_advertise6, hexinject, redir6, thcping6, yersinia sipsak, voiphopper cymothoa, msfencode, msfpayload, sbd 3proxy, cryptcat, dns2tcp, iodione, miredo, ping tunnel, proxychains, proxytunnel, pwnat, socat, sslh, stunnel4, tinyproxy, udptunnel

Privilege Escalation

Password Attacks

GPU Tools

Offline Attacks

Online Attacks Privilege Escalation Media Voice and Surveillance VOIP Tools Protocol Analysis Network Sniffers

VOIP Sniffers Spoofing Attacks Network Spoofing

VOIP Spoofing 5 Maintaning Access OS Backdoors

Tunneling

Page 5 of 7

Maintaning Access

Sr.No.

Main Category

Sub-Category-1

Sub-Category-2
Web Backdoors

Testing Tools
msfencode, msfpayload, webshells, weevely, gdb.py, install ida-pro free, ollydbg, strace.py, edb-debugger, flasm brute force hitag2, bruteforce mifare, calculate jcop mifare keys, continuous select tag, copy iso15693 tag, epassport read write clone, format mifare 1k value blocks, identify hf tag type, identify if tag type, jcop info, jcop mifare read write, jcop set atr hihistorical bytes, read acg reader eeprom, read if tag, read mifare, read tag, read write clone unique, reset g5 tag, select tag, set fdx-b id, test acg lahf

6 7

Reverse Engineering RFID Tools

RFID ACG

RFID Frosch

RFID PCSC

read write clone unique, reset hitag2 tag, set fdx-b id, test frosch reader bruteforce mifare, calculate jcop mifare keys, chip & pin info, continuous select tag, epassport read write clone, identify hf tag type, identify if tag type, jcop info, jcop mifare read write, jcop set atr historical bytes, read mifare, read tag, select tag, install atr historical bytes applet to jcop, install mifare applet to jcop, install vonjeek epassport emulator to jcop, install vonjeek epassport emulator to nokia denial6, dos-new-ip6, flood_advertise6, flood_router6, hping2, hping3, letdown, smurf6, sendpees6, siege, smurf6, udp-pl, t50 iaxflood, inviteflood, rtpflood, sipp mdk3 chkrootkit, rkhunter install truecrypt

Stress Testing Network Stress Testing VOIP Stress Testing WLAN Stress Testing

Forensics

Anti-Virus Forensic Tools Digital Anti Forensic

Page 6 of 7

Forensics

Sr.No.

Main Category

Sub-Category-1

Sub-Category-2
Digital Forensic Forensic Analysis Tools hexedit

Testing Tools

Forensic Carving Tools Forensic Hashing Tools Forensic Imaging Tools Forensic Suites Network Forensics Password Forensics Tools PDF Forensics Tools RAM Forensics Tools 10 Reporting Tools Evidence Management Media Capture 11 Miscellaneous Miscellaneous Network Miscellaneous Web

exiftool, missidentify, mork.pl, pref.pl, ptk, readpst, reglookup, stegdetect, vinetto, bulkextractor, evtparse.pl fatback, foremost, magicrescue, recoverjpeg, safecopy, scalpel, scrounge-ntfs, testdisk hashdeep, md5deep, sha1deep, sha256deep, tigerdeep, whirlpooldeep air, dc3dd, ddrescue, ewfacquire ptk, setup autopsy, sleuthkit, diffcli, dffui driftnet, p0f, tcpreplay, wireshark, xplico, xplico web gui, darkstat cmospwd, fcrackzip, samdump pdfid, pdf-parser, peepdf pdfbook, pdgmail, ptk, volatility, volafox dradis, keepnote, magictree, maltego, svreport

recordmydesktop genlist, install scapy dependencies, ipcalc, macchnager, Zenmap (as root) (GUI Port Scanner), Zenmap (GUI Port Scanner) pwntcha, wfuzz Keepnote

Page 7 of 7