Pentesting Toolset

This is the toolset we recommend for running pentests. Do you know of something else, or want to know about something else? Ask us!

Helper Tools

| For this | We use this |
|---|---|
| Screenshots | Flameshot, ksnip, Skitch (MacOS) |
| Note Taking | SysReptor, Joplin, One Note |
| Diagrams | drawio-desktop |

Pentests in General

| For this | We use this |
|---|---|
| Encoding/Decoding | CyberChef |
| Data Leak Lookup | Kaduu, HIBP |
| Vulnerability Scans | Nessus Professional |
| Source Code Scanning | SonarQube |
| PW Cracking | hashcat |
| PW Lists | Weakpass |
| PW Cracking (non-sensitive hashes) | OnlineHashCrack |
| Open TCP Ports | portquiz |

Web Tests

| For this | We use this |
|---|---|
| Web App Testing | Burp Professional |
| Directory and File Search | dirsearch, wfuzz, gobuster |
| Web Spider and Endpoint Detection | gospider |
| Web Vuln Scanner | Burp Professional, nuclei |
| SSL Inspection | sslyze, tls-scanner |
| SQLi Exploitation | sqlmap |
| Cookie Cracking | cookiemonster |
| JWT Tampering | jwt_tool |

Burp Plugins

| For this | We use this |
|---|---|
| Authorization Testing | Autorize |
| JWT Testing | JSON Web Tokens |
| SAML Testing | SAML Raider |
| Endpoint Detection via JS | JS Link Finder |
| Additional Vuln Scans | Active Scan++, Upload Scanner, Log4Shell Scanner |
| HTTP Request Smuggling | HTTP Request Smuggler |
| ViewState Editing | ViewState Editor |
| Java Platform Scanner | J2EEScan |
| Pingback Detection | Collaborator Everywhere |
| sqlmap Integration | SQLiPy Sqlmap Integration |

Active Directory & Windows Tests

We offer a list of precompiled tools on GitHub.

| For this | We use this |
|---|---|
| AD Enumeration | BloodHound, ADRecon, CrackMapExec |
| AD CS abuse | Certify, Certipy |
| AD Queries | PowerView, SeatBelt |
| AD Analysis | PingCastle, PurpleKnight |
| DNS Dump | adidnsdump |
| Windows Password Extraction | mimikatz, lsassy |
| Local Credential Extraction | LaZagne |
| Powershell Runspace | Stracciatella |
| Post Exploitation | Powershell Empire |
| MachineAccountQuota/DNS Exploitation | Powermad |
| Kerberos Interactions | Rubeus |
| Network Protocol Attacks | Impacket, Responder, Inveigh |
| Local Privesc | SharpUp, WinPEAS, LinPEAS, Crassus |
| Local Process Monitoring | Process Monitor |