pentesting.txt 1.6 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344
  1. Tools for Pen-Testing
  2. SCAPY
  3. Scapy is a CLI tool written in Python. It can be used to forge or decode packets and
  4. then send them out in the network.
  5. KISMET
  6. Kismet is a network analyser, packet sniffer and intrusion detection system for 802.11
  7. wireless LAN.
  8. WPSCAN
  9. WPScan is a black box WordPress vulnerability scanner. With it, you can check vulnerab-
  10. ilities in third-party themes, plugins, etc.
  11. OPHCRACK
  12. Ophcrack helps you crack Windows passwords by using LM hashes through rainbow tables.
  13. BEEF
  14. BeEF stands for browser exploitation framework. You can use it to assess the actual
  15. security posture of a target environment by hooking in web browsers and using them as
  16. client-side attack vectors.
  17. SQLMAP
  18. Sqlmap automates the process of detecting and exploiting SQL injection flaws to finger-
  19. print and then take over database servers, to access the underlying filesystem.
  20. SIEGE
  21. Siege is an HTTP load testing and benchmarking utility. It is designed to help web
  22. developers measure their web applications under duress attacks like DDoS.
  23. FIMAP
  24. Fimap is a Python tool which can help you find, prepare, audit, exploit and even google
  25. automatically for local and remote file inclusion bugs in web applications.
  26. ETTERCAP
  27. Ettercap helps you to simulate man-in-the-middle attacks on LAN. Ettercap works by
  28. putting the network interface into promiscuous mode and by ARP poisoning the target
  29. machines.
  30. OWASP ZAP
  31. ZAP is an acronym for the Zed Attack Proxy project. It is created by OWASP, the
  32. renowned web security-based foundation. ZAP can be used to find vulnerabilities in web
  33. applications.