Penetration Testing Tools
- 01. Burp Suite Professional - Faster and more reliable security testing
- 02. sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws
- 03. Aircrack-ng is a complete suite of tools to assess WiFi network security
- 04. Wireshark is a network protocol analyzer.
- 05. Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing.
- 06. Metasploit - The world’s most used penetration testing framework
- 07. Hashcat is a popular open-source password cracking tool used by both hacker and ethical hacker communities.
- 08. The WPScan CLI tool is a free, for non-commercial use, black box WordPress security scanner
- 09. Nessus is the gold standard for vulnerability assessment.
- 10. Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework
- 11. Kali Linux is a Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.
- 12. OWASP Zed Attack Proxy (ZAP) - An web application scanner
- 13. Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework
- 14. Netsparker makes application security testing simple, reliable, and scalable.
- 15. BeEF(The Browser Exploitation Framework) is a penetration testing tool that focuses on the web browser
- 16. Acunetix is an application security testing solution for securing your websites, web applications, and APIs
- 17. Ettercap is a comprehensive suite for man in the middle attacks.
- 18. John the Ripper is an Open Source password security auditing and password recovery tool
- 19. Scanner for DOM XSS and Client-side Security
- 20. ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
- 21. Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers
- 22. FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing.
- 23. SperScan - A TCP port scanner
- 24. Sqlninja - a SQL Server injection & takeover tool
- 25. w3af is a Web Application Attack and Audit Framework.
- 26. Traceroute NG - Perform accurate network path analysis
- 27. Indusface - A Web applications security tool
- 28. Intruder is an online vulnerability scanner that finds cyber security weaknesses in your digital infrastructure, to avoid costly data breaches.