Pentesting Toolset

This is a list of our toolset that we recommend for running pentests. You know or you want to know something else? Ask us!

Helper Tools

For this	We use this
Screenshots	Flameshot, ksnip, Skitch (MacOS)
Note Taking	SysReptor, Joplin, One Note
Diagrams	drawio-desktop

For this	We use this
Encoding/Decoding	CyberChef
Data Leak Lookup	Kaduu, HIBP
Vulnerability Scans	Nessus Professional
Source Code Scanning	SonarQube
PW Cracking	hashcat
PW Lists	Weakpass
PW Cracking (non-sensitive hashes)	OnlineHashCrack
Open TCP Ports	portquiz

For this	We use this
Web App Testing	Burp Professional
Directory and File Search	dirsearch, wfuzz, gobuster
Web Spider and Endpoint Detection	gospider
Web Vuln Scanner	Burp Professional, nuclei
SSL Inspection	sslyze, tls-scanner
SQLi Exploitation	sqlmap
Cookie Cracking	cookiemonster
JWT Tampering	jwt_tool

For this	We use this
Authorization Testing	Autorize
JWT Testing	JSON Web Tokens
SAML Testing	SAML Raider
Endpoint Detection via JS	JS Link Finder
Additional Vuln Scans	Active Scan++, Upload Scanner, Log4Shell Scanner
HTTP Request Smuggling	HTTP Request Smuggler
ViewState Editing	ViewState Editor
Java Platform Scanner	J2EEScan
Pingback Detection	Collaborator Everywhere
sqlmap Integration	SQLiPy Sqlmap Integration

We offer a list of precompiled tools at GitHub.

For this	We use this
AD Enumeration	BloodHound, ADRecon, CrackMapExec
AD CS abuse	Certify, Certipy
AD Queries	PowerView, SeatBelt
AD Analysis	PingCastle, PurpleKnight
DNS Dump	adidnsdump
Windows Password Extraction	mimikatz, lsassy
Local Credential Extraction	LaZagne
Powershell Runspace	Stracciatella
Post Exploitation	Powershell Empire
MachineAccountQuota/DNS Exploitation	Powermad
Kerberos Interactions	Rubeus
Network Protocol Attacks	Impacket, Responder, Inveigh
Local Privesc	SharpUp, WinPEAS, LinPEAS, Crassus
Local Process Monitoring	Process Monitor