A penetration tool is a program or script used to break into a computer system or network. A white hat hacker, also known as an ethical hacker, is a computer security expert who specializes in penetration testing and finding vulnerabilities in systems.
Information Gathering Tools
- Ace-Voip
- Amap
- APT2
- Arp-Scan
- Automater
- Bing-ip2hosts
- Braa
- CaseFile
- CDPSnarf
- Cisco-Torch
- Copy-Router-Config
- DMitry
- Dnmap
- Dnsenum
- Dnsmap
- DNSRecon
- Dnstracer
- Dnswalk
- DotDotPwn
- Dnum4linux
- DnumIAX
- EyeWitness
- Faraday
- Fierce
- Firewalk
- Fragroute
- Fragrouter
- Ghost Phisher
- GoLismero
- Goofile
- Hping3
- Ident-User-Enum
- InSpy
- InTrace
- iSMTP
- LBD
- Maltego Teeth
- Masscan
- Metagoofil
- Miranda
- Nbtscan-Unixwiz
- Nikto
- Nmap
- NTop
- OSRFramework
- P0F
- Parsero
- Recon-NG
- SET
- SMBMap
- Smtp-User-Enum
- Snmp-Check
- SPARTA
- SSLcaudit
- SSLsplit
- SSLstrip
- SSLyze
- Sublist3r
- THC-IPV6
- TheHarvester
- TLSSLed
- Twofi
- Unicornscan
- URLCrazy
- Wireshark
- WOL-E
- Xplico
Vulnerability Analysis Tools
- BBQSQL
- BED
- Cisco-Auditing-Tool
- Cisco-Global-Exploiter
- Cisco-OCS
- Cisco-Torch
- Copy-Router-Config
- Doona
- DotDotPwn
- HexorBase
- jSQL Injection
- Lynis
- Nmap
- Ohrwurm
- Openvas
- Oscanner
- Powerfuzzer
- sfuzz
- SidGuesser
- SIPArmyKnife
- sqlmap
- Sqlninja
- sqlsus
- THC-IPV6
- tnscmd10g
- unix-privesc-check
- Yersinia
Exploitation Tools
- Armitage
- Backdoor Factory
- BeEF
- cisco-auditing-tool
- cisco-global-exploiter
- cisco-ocs
- cisco-torch
- Commix
- crackle
- exploitdb
- jboss-autopwn
- Linux Exploit Suggester
- Maltego Teeth
- Metasploit Framework
- MSFPC
- RouterSploit
- SET
- ShellNoob
- sqlmap
- THC-IPV6
- Yersinia
Wireless Attacks Tools
- Airbase-ng
- Aircrack-ng
- Airdecap-ng and Airdecloak-ng
- Aireplay-ng
- airgraph-ng
- Airmon-ng
- Airodump-ng
- airodump-ng-oui-update
- Airolib-ng
- Airserv-ng
- Airtun-ng
- Asleap
- Besside-ng
- Bluelog
- BlueMaho
- Bluepot
- BlueRanger
- Bluesnarfer
- Bully
- coWPAtty
- crackle
- eapmd5pass
- Easside-ng
- Fern Wifi Cracker
- FreeRADIUS-WPE
- Ghost Phisher
- GISKismet
- Gqrx
- gr-scan
- hostapd-wpe
- ivstools
- kalibrate-rtl
- KillerBee
- Kismet
- makeivs-ng
- mdk3
- mfcuk
- mfoc
- mfterm
- Multimon-NG
- Packetforge-ng
- PixieWPS
- Pyrit
- Reaver
- redfang
- RTLSDR Scanner
- Spooftooph
- Tkiptun-ng
- Wesside-ng
- Wifi Honey
- wifiphisher
- Wifitap
- Wifite
- wpaclean
Forensics Tools
- Binwalk
- bulk-extractor
- Capstone
- chntpw
- Cuckoo
- dc3dd
- ddrescue
- DFF
- diStorm3
- Dumpzilla
- extundelete
- Foremost
- Galleta
- Guymager
- iPhone Backup Analyzer
- p0f
- pdf-parser
- pdfid
- pdgmail
- peepdf
- RegRipper
- Volatility
- Xplico
Web Applications Tools
- Apache-Users
- Arachni
- BBQSQL
- BlindElephant
- Burp Suite
- CutyCapt
- DAVTest
- deblaze
- DIRB
- DirBuster
- fimap
- FunkLoad
- Gobuster
- Grabber
- hURL
- jboss-autopwn
- joomscan
- jSQL Injection
- Maltego Teeth
- Nikto
- PadBuster
- Paros
- Parsero
- plecost
- Powerfuzzer
- ProxyStrike
- Recon-ng
- Skipfish
- sqlmap
- Sqlninja
- sqlsus
- ua-tester
- Uniscan
- w3af
- WebScarab
- Webshag
- WebSlayer
- WebSploit
- Wfuzz
- WhatWeb
- WPScan
- XSSer
- Zaproxy
Stress Testing
- DHCPig
- FunkLoad
- iaxflood
- Inundator
- inviteflood
- ipv6-toolkit
- mdk3
- Reaver
- rtpflood
- SlowHTTPTest
- t50
- Termineter
- THC-IPV6
- THC-SSL-DOS
Sniffing & Spoofing Tools
- Bettercap
- Burp Suite
- DNSChef
- fiked
- hamster-sidejack
- HexInject
- iaxflood
- inviteflood
- iSMTP
- isr-evilgrade
- mitmproxy
- ohrwurm
- protos-sip
- rebind
- responder
- rtpbreak
- rtpinsertsound
- rtpmixsound
- sctpscan
- SIPArmyKnife
- SIPp
- SIPVicious
- SniffJoke
- SSLsplit
- sslstrip
- THC-IPV6
- VoIPHopper
- WebScarab
- Wifi Honey
- Wireshark
- xspy
- Yersinia
- zaproxy
Password Attacking Tools
- BruteSpray
- Burp Suite
- CeWL
- chntpw
- cisco-auditing-tool
- CmosPwd
- creddump
- crowbar
- crunch
- findmyhash
- gpp-decrypt
- hash-identifier
- Hashcat
- HexorBase
- THC-Hydra
- John the Ripper
- Johnny
- keimpx
- Maltego Teeth
- Maskprocessor
- multiforcer
- Ncrack
- oclgausscrack
- ophcrack
- PACK
- patator
- phrasendrescher
- polenum
- RainbowCrack
- rcracki-mt
- RSMangler
- SecLists
- SQLdict
- Statsprocessor
- THC-pptp-bruter
- TrueCrack
- WebScarab
- Wordlists
- Zaproxy
Maintaining Access
- CryptCat
- Cymothoa
- dbd
- dns2tcp
- HTTPTunnel
- Intersect
- Nishang
- polenum
- PowerSploit
- pwnat
- RidEnum
- sbd
- shellter
- U3-Pwn
- Webshells
- Weevely
- Winexe
Hardware Hacking Tools
- Android-sdk
- Apktool
- Arduino
- Dex2jar
- Sakis3G
- Smali
Reverse Engineering Tools
- Apktool
- Dex2Jar
- DiStorm3
- Edb-Debugger
- Jad
- Javasnoop
- JD-GUI
- OllyDbg
- Smali
- Valgrind
- YARA
Reporting Tools
- CaseFile
- Cherrytree
- CutyCapt
- Dos2unix
- Dradis
- MagicTree
- Metagoofil
- Nipper-ng
- Pipal
- RDPY