Top 500+ Hacking Tools
This is only for information about top 500 + hacking tools in termux and Linux.
This is only for information about top 500 + hacking tools in termux and Linux
- phone number tracker - information gathering tool for phone number
- GHOSTSPLOIT. Connect debug devices via ip
- hack cctv camera version 3 - hack cam IP and ports
- increase instagram followers - increase your followers, like views
- instareport - report user on instagram
- instagram-automation - a bot application for instagram which is fully automatic
- Facebook-kit - all in one tool for Facebook
- Facebook_group_hack - hack facebook group
- Facebook_hack - information gathering tool for Facebook
- virous version 2 - virous version 2
- kali nethunter - @rootkali..
- ip Changer - change your Ip many times
- wifi hack - hack WiFi monitor mode also ..
- trace-ip - trace your ip and trace target ip
- SMSbomber - international or national fake sms bombing or call bombing
- wordlist-creater - create a Wordlist or passlist fo any brute Force attack
- millionpass.txt - top 100k or million of password list
- wifi-passlist
- hack-wifi - hack any wifi network from your device range
- reportbug
- virous - phishing virous
- Locate
- Indian-passlist
- sudo_for_termux
- rootkalilinux-termux
- rootubantu-termux
- termux-Arch
- Fbbrute - brute Force attack for Facebook
- seeker - Accurately Locate Smartphones using Social Engineering.
- ANDRAX - ANDRAX is a Penetration Testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution
- findomain - The fastest and cross-platform subdomain enumerator, don't waste your time.
- ReconCobra - Complete Automated pentest framework for Information Gathering.
- HttpLiveProxyGrabber - Best Proxy Grabber Tool!.
- instagramCracker - Full Speed Instagram Cracker.
- ToolB0x - Hacking Tools.
- TekDefense-Automater - Automater - IP URL and MD5 OSINT Analysis.
- BruteX - Automatically brute force all services running on a target..
- Findsploit - Find exploits in local and online databases instantly.
- ReverseAPK - Quickly analyze and reverse engineer Android packages.
- Sn1per - Automated pentest framework for offensive security experts.
- noisy - Simple random DNS, HTTP/S internet traffic noise generator.
- LITEDDOS - This Tool Is Supporting For DDOS Activities, The Way Is Typing Command : $ python2 islddos.py example: $python2 islddos.py 104.27.190.77 8080 100 IP target: 104.27.190.77 port: 8080 packet:100 Made In indonesia Indonesia Security Lite.
- LITESPAM - Berisi Tools Spammer Dengan Berbagai Macam jenis Dengan Limit Tinggi Bahkan Unlimited.
- hakkuframework - Hakku Framework penetration testing.
- BeeLogger - Generate Gmail Emailing Keyloggers to Windows..
- KnockMail - Verify if email exists.
- Umbrella - A Phishing Dropper designed to Pentest..
- mfterm - Terminal for working with Mifare Classic 1-4k Tags.
- djangohunter - Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information..
- shodanwave - Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera. .
- WebXploiter - WebXploiter - An OWASP Top 10 Security scanner !.
- CrawlBox - Easy way to brute-force web directory..
- TrackOut - Simple Python IP Tracker.
- sslcaudit - No description provided
- Sublist3r - Fast subdomains enumeration tool for penetration testers.
- doork - Passive Vulnerability Auditor.
- sir - Skype Ip Resolver.
- xl-py - No description provided
- netdiscover - netdiscover.
- ATSCAN - Advanced dork Search & Mass Exploit Scanner.
- fuxploider - File upload vulnerability scanner and exploitation tool..
- ipwn - No description provided
- w3af - w3af: web application attack and audit framework, the open source web vulnerability scanner..
- AndroBugs_Framework - AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows..
- roxysploit - A Hackers framework.
- PadBuster - Automated script for performing Padding Oracle attacks.
- capstone - Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings..
- wirespy - Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017)..
- lscript - The LAZY script will make your life easier, and of course faster..
- ADB-Toolkit - ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!.
- Hunner - Hacking framework.
- Termux-Styling-Shell-Script - Unofficial Termux Styling [ Bash ].
- killshot - A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner.
- admin-panel-finder - A Python Script to find admin panel of a site.
- beef - The Browser Exploitation Framework Project.
- Parsero - Parsero | Robots.txt audit tool.
- bettercap - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks..
- bleachbit - BleachBit system cleaner for Windows and Linux.
- trape - People tracker on the Internet: OSINT analysis and research tool by Jose Pino.
- gcat - A PoC backdoor that uses Gmail as a C&C server.
- wfdroid-termux - Android Terminal Web-Hacking Tools.
- fbht - Facebook Hacking Tool.
- netattack - A simple python script to scan and attack wireless networks..
- netattack2 - An advanced network scan and attack script based on GUI. 2nd version of no-GUI netattack. .
- AUXILE - Auxile Framework.
- hash-generator - beautiful hash generator.
- hasher - Hash cracker with auto detect hash.
- ko-dork - A simple vuln web scanner.
- OSIF - Open Source Information Facebook.
- WifiBruteCrack - Program to attempt to brute force all wifi networks in range of a device, and return a possible set of networks to connect to and the password,.
- lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional..
- rdpy - Remote Desktop Protocol in Twisted Python.
- commix - Automated All-in-One OS command injection and exploitation tool..
- cuckoo - Cuckoo Sandbox is an automated dynamic malware analysis system.
- Easymap - No description provided
- Ecode - Encode / Decode.
- Hac - No description provided
- sqlscan - Quick SQL Scanner, Dorker, Webshell injector PHP.
- shimit - A tool that implements the Golden SAML attack.
- secHub - Python Security/Hacking Kit.
- hammer - Hammer DDos Script - Python 3.
- Kadabra - [DEPRECATED] Kadabra is my automatic LFI Exploiter and Scanner, written in C++ and a couple extern module in Python..
- LFISuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner .
- Clickjacking-Tester - A python script designed to check if the website if vulnerable of clickjacking and create a poc.
- Dr0p1t-Framework - A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks.
- elpscrk - A Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v.
- SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more..
- dnsrecon - DNS Enumeration Script.
- HiddenEye - Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ].
- Intersect-2.5 - Post-Exploitation Framework.
- wifite - No description provided
- wifite2 - Rewrite of the popular wireless network auditor, "wifite".
- CeWL - CeWL is a Custom Word List Generator.
- CMSmap - CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs. .
- torshammer - Tor's hammer. Slow post DDOS tool written in python..
- RTLSDR-Scanner - A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library.
- The-Eye - Simple security surveillance script for linux distributions..
- Pybelt - The hackers tool belt.
- multimon-ng - No description provided
- Empire - Empire is a PowerShell and Python post-exploitation agent..
- sipvicious - SIPVicious suite is a set of security tools that can be used to audit SIP based VoIP systems..
- wafw00f - WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website..
- BAF - Blind Attacking Framework.
- weevely3 - Weaponized web shell.
- xsser - Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications..
- spamchat - Spam Chat Facebook.
- wifi-hacker - Shell Script For Attacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2).
- nodexp - NodeXP - A Server Side Javascript Injection tool capable of detecting and exploiting Node.js vulnerabilities.
- weeman - HTTP server for phishing in python.
- dedsploit - Network protocol auditing framework.
- rang3r - rang3r | Multi Thread IP + Port Scanner.
- fluxion - Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality..
- hURL - hexadecimal & URL encoder + decoder.
- EyeWitness - EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible..
- dnsenum - dnsenum is a perl script that enumerates DNS information.
- msfpc - MSFvenom Payload Creator (MSFPC).
- hasherdotid - Hasherdotid.
- crowbar - Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools. .
- AstraNmap - No description provided
- Auxscan - No description provided
- Black-Hydra - No description provided
- FaDe - Fake Deface.
- GINF - Github information gathering.
- inther - No description provided
- Lazymux - termux tool installer.
- OWScan - No description provided
- santet-online - No description provided
- SpazSMS - Send unsolicited messages repeatedly on the same phone number.
- distorm - Powerful Disassembler Library For x86/AMD64.
- wifitap - wifitap updated for BT5r3.
- indonesian-wordlist - Indonesian wordlist.
- dbd - Durandal's Backdoor.
- Leaked - Leaked? 2.1 - A Checking tool for Hash codes, Passwords and Emails leaked.
- slowloris - Low bandwidth DoS tool. Slowloris rewrite in Python..
- golismero - GoLismero - The Web Knife.
- SCANNER-INURLBR - Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found..
- GoogleSearch-CLI - Search anything on Google without captcha.
- avet - AntiVirus Evasion Tool.
- hulk - HULK DoS tool ported to Go with some additional features..
- openvas - Open Vulnerability Assessment Scanner.
- Gemail-Hack - python script for Hack gmail account brute force.
- Namechk - Osint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks..
- webdav - Simple Go WebDAV server..
- 4nonimizer - A bash script for anonymizing the public IP used to browsing Internet, managing the connection to TOR network and to different VPNs providers (OpenVPN).
- sqliv - massive SQL injection vulnerability scanner.
- hashcat - World's fastest and most advanced password recovery utility.
- maskprocessor - High-Performance word generator with a per-position configureable charset.
- zarp - Network Attack Tool.
- Metasploit_termux - No description provided
- Nethunter-In-Termux - This is a script by which you can install Kali nethunter (Kali Linux) in your termux application without rooted phone .
- TermuxAlpine - Use TermuxAlpine.sh calling to install Alpine Linux in Termux on Android. This setup script will attempt to set Alpine Linux up in your Termux environment..
- MSF-Pg - No description provided
- BinGoo - BinGoo! A Linux bash based Bing and Google Dorking Tool.
- Planetwork-DDOS - No description provided
- osrframework - OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches..
- angryFuzzer - Tools for information gathering.
- PyBozoCrack - A silly & effective MD5 cracker in Python.
- faraday - Collaborative Penetration Test and Vulnerability Management Platform.
- plecost - Plecost - Wordpress finger printer Tool .
- keimpx - Check for valid credentials across a network over SMB.
- sslyze - Current development of SSLyze now takes place on a separate repository.
- wreckuests - Wreckuests — yet another one hard-hitting tool to run DDoS atacks with HTTP-flood.
- dmitry - DMitry (Deepmagic Information Gathering Tool).
- peepdf - Powerful Python tool to analyze PDF documents.
- cowpatty - coWPAtty: WPA2-PSK Cracking.
- blackbox - No description provided
- Pyrit - The famous WPA precomputed cracker, Migrated from Google..
- GoldenEye - GoldenEye Layer 7 (KeepAlive+NoCache) DoS Test Tool.
- kickthemout - ? Kick devices off your network by performing an ARP Spoof attack..
- onioff - ? An onion url inspector for inspecting deep web links..
- DHCPig - DHCP exhaustion script written in python using scapy network library.
- pybluez - Bluetooth Python extension module.
- Remot3d - Remot3d: is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors.
- RegRipper2.8 - RegRipper version 2.8.
- evilginx - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.
- evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.
- txtool - an easy pentesting tool..
- pydictor - A powerful and useful hacker dictionary builder for a brute-force attack.
- recon-ng - Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources..
- theHarvester - E-mails, subdomains and names Harvester - OSINT .
- httptunnel - Bidirectional data stream tunnelled in HTTP requests..
- InSpy - A python based LinkedIn enumeration tool.
- Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. .
- credmap - The Credential Mapper.
- qark - Tool to look for several security related Android application vulnerabilities.
- wifresti - Find your wireless network password in Windows , Linux and Mac OS.
- xerosploit - Efficient and advanced man in the middle framework.
- Evil-create-framework - No description provided
- SH33LL - SHELL SCANNER.
- Infoga - Infoga - Email OSINT.
- SMBrute - SMB Protocol Bruteforce.
- WAScan - WAScan - Web Application Scanner.
- WPSeku - WPSeku - Wordpress Security Scanner .
- xsmash - Facebook Hack Box .
- zeroeye - Key Generator v1.66.
- subscraper - External pentest and bug bounty tool to perform subdomain enumeration through various techniques. SubScraper will provide information such as HTTP & DNS lookups to aid in potential next steps..
- IPGeoLocation - Retrieve IP Geolocation information.
- Crips - IP Tools To quickly get information about IP Address's, Web Pages and DNS records..
- fsociety - fsociety Hacking Tools Pack – A Penetration Testing Framework.
- Xshell - ~ Shell Finder By Ⓜ Ⓐ Ⓝ Ⓘ Ⓢ Ⓢ Ⓞ ☪ ~.
- cupp - Common User Passwords Profiler (CUPP).
- CyberScan - CyberScan: Network's Forensics ToolKit.
- HTools - 50+ Hacking Tools Collection.
- Hatch - Hatch is a brute force tool that is used to brute force most websites.
- Mercury - Mercury is a hacking tool used to collect information and use the information to further hurt the target.
- crackle - Crack and decrypt BLE encryption.
- nk26 - NKosec Encode, 2 side encode. change alphabet to numeric or back numeric to alphabet..
- WP-plugin-scanner - A tool to list plugins installed on a wordpress powered website..
- mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers..
- xspy - Record X11 keypress events to a log file.
- Th3inspector - Th3Inspector ?️ Best Tool For Information Gathering ?.
- XAttacker - X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter.
- apt2 - automated penetration toolkit.
- sslstrip - A tool for exploiting Moxie Marlinspike's SSL "stripping" attack..
- creddump - Automatically exported from code.google.com/p/creddump.
- DKMC - DKMC - Dont kill my cat - Malicious payload evasion tool.
- FBUPv2.0 - No description provided
- BadMod - CMS auto detect and exploit..
- fierce - A DNS reconnaissance tool for locating non-contiguous IP space..
- braa - Ultra-fast SNMPv1/v2 stack. Get/set/walk tens of thousands of hosts at once..
- Stitch - Python Remote Administration Tool (RAT).
- demiguise - HTA encryption tool for RedTeams.
- Winpayloads - Undetectable Windows Payload Generation.
- termux-ubuntu - Ubuntu chroot on termux.
- bbqsql - SQL Injection Exploitation Tool.
- EggShell - iOS/macOS/Linux Remote Administration Tool.
- mfcuk - MiFare Classic Universal toolKit (MFCUK).
- mfoc - Mifare Classic Offline Cracker.
- termux-fedora - A script to install a Fedora chroot into Termux.
- AutoSploit - Automated Mass Exploiter.
- AutoPixieWps - Automated pixieWps python script.
- exploitdb - The official Exploit Database repository.
- gobuster - Directory/File, DNS and VHost busting tool written in Go.
- Simple-Fuzzer - Simple Fuzzer is a simple config-file driven block/mutation based fuzzing system.
- OWASP-WebScarab - OWASP WebScarab.
- QRLJacking - QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers..
- WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack.
- Spammer-Grab - A brand new, awakened version of the old Spammer-Grab..
- zirikatu - Fud Payload generator script.
- eternal_scanner - An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance).
- get - Get is a simple script to retrieve an ip from hostname or vice-versa ..
- enum4linux - enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts..
- KatanaFramework - The New Hacking Framework.
- PowerSploit - PowerSploit - A PowerShell Post-Exploitation Framework.
- proxystrike - Automatically exported from code.google.com/p/proxystrike.
- FakeImageExploiter - Use a Fake image.jpg to exploit targets (hide known file extensions).
- Meterpreter_Paranoid_Mode-SSL - Meterpreter Paranoid Mode - SSL/TLS connections.
- morpheus - Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool).
- trojanizer - Trojanize your payload - WinRAR (SFX) automatization - under Linux distros.
- ExploitOnCLI - Trying to be the best tool to search for exploits in the terminal..
- XPL-SEARCH - Search exploits in multiple exploit databases!.
- MyServer - MyServer is your own localhost web server. you can setup PHP, Apache, Nginx and MySQL servers on your android devices or linux like Ubuntu etc. MyServer is Developed for android terminal like Termux or GNURoot Debian terminal..
- Tool-X - Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other android terminals. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based distributions..
- ezsploit - Linux bash script automation for metasploit.
- binwalk - Firmware Analysis Tool.
- routersploit - Exploitation Framework for Embedded Devices.
- shellnoob - A shellcode writing toolkit.
- joomscan - OWASP Joomla Vulnerability Scanner Project.
- shell-scan - Look for a backdoor shell on the website.
- catphish - CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM. .
- killerbee - IEEE 802.15.4/ZigBee Security Research Toolkit.
- masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes..
- intrace - Enumeration of IP hops using existing TCP connections.
- jsql-injection - jSQL Injection is a Java application for automatic SQL database injection..
- arp-scan - The ARP Scanner.
- killchain - A unified console to perform the "kill chain" stages of attacks..
- eaphammer - Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks..
- Blazy - Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF ..
- Hash-Buster - Crack hashes in seconds..
- sqlmate - A friend of SQLmap which will do what you always expected from SQLmap..
- Striker - Striker is an offensive information and vulnerability scanner..
- XSStrike - Most advanced XSS scanner..
- EasY_HaCk - Hack the World using Termux.
- nishang - Nishang - Offensive PowerShell for red team, penetration testing and offensive security. .
- pwnat - The only tool and technique to punch holes through firewalls/NATs where both clients and server can be behind separate NATs without any 3rd party involvement. Pwnat uses a newly developed technique, exploiting a property of NAT translation tables, with no 3rd party, port forwarding, DMZ, router administrative requirements, STUN/TURN/UPnP/ICE, or spoofing required..
- kojawafft - newfft.
- DDosy - Perform a Ddos attack with Threads (Educational purpose).
- fern-wifi-cracker - Automatically exported from code.google.com/p/fern-wifi-cracker.
- ghost-phisher - Automatically exported from code.google.com/p/ghost-phisher.
- Brutal - Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy ).
- Dracnmap - Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands..
- LALIN - this script automatically install any package for pentest with uptodate tools , and lazy command for run the tools like lazynmap , install another and update to new #actually for lazy people hahaha #and Lalin is remake the lazykali with fixed bugs , added new features and uptodate tools . It's compatible with the latest release of Kali (Rolling).
- TheFatRat - Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection ..
- Vegile - This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell.
- the-backdoor-factory - Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported).
- termineter - Smart Meter Security Testing Framework.
- kwetza - Python script to inject existing Android applications with a Meterpreter payload..
- D-TECT-1 - D-TECT - Pentesting the Modern Web.
- smbmap - SMBMap is a handy SMB enumeration tool.
- slowhttptest - Application Layer DoS attack simulator.
- johnny - The GUI frontend to the John the Ripper password cracker.
- HT-WPS-Breaker - HT-WPS Breaker (High Touch WPS Breaker).
- PwnSTAR - PwnSTAR (Pwn SofT-Ap scRipt) - for all your fake-AP needs!.
- termux-wordpresscan - No description provided
- bulk_extractor - This is the development tree. For downloads please see:.
- uidsploit - The Uidsploit Framework | Penetration Test Tool.
- fuckshitup - php-cli vulnerability scanner.
- snitch - information gathering via dorks.
- Zerodoor - A script written lazily for generating cross-platform backdoors on the go :) .
- deblaze - Performs method enumeration and interrogation against flash remoting end points..
- jboss-autopwn - A JBoss script for obtaining remote shell access.
- sqlmap - Automatic SQL injection and database takeover tool.
- termux-sudo - A bash script that provides sudo for Termux.
- DSSS - Damn Small SQLi Scanner.
- DSVW - Damn Small Vulnerable Web.
- DSXS - Damn Small XSS Scanner.
- kalibrate-rtl - fork of http://thre.at/kalibrate/ for use with rtl-sdr devices.
- Gloom-Framework - Gloom-Framework :: Linux Penetration Testing Framework.
- nikto - Nikto web server scanner.
- cpscan - website admin panel finder.
- torghost - Tor anonimizer.
- Wordpresscan - WPScan rewritten in Python + some WPSeku ideas.
- IP-FY - Gathers information about a Particular IP address.
- reaver-wps-fork-t6x - No description provided
- leviathan - wide range mass audit toolkit.
- websploit - Websploit is an advanced MITM framework..
- hacktronian - All in One Hacking Tool for Linux & Android.
- EagleEye - Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search..
- CHAOS - ? CHAOS is a PoC that allow generate payloads and control remote operating systems..
- sAINT - ?️ (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued].
- yersinia - A framework for layer 2 attacks.
- ridenum - Rid_enum is a null session RID cycle attack for brute forcing domain controllers..
- social-engineer-toolkit - The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here..
- CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs.
- fbvid - Facebook Video Downloader (CLI) For Linux Systems Coded in PHP.
- RED_HAWK - All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers.
- shellstack - A PHP Based Tool That Helps You To Manage All Your Backdoored Websites Efficiently..
- Androspy - Androspy framework is a Backdoor Crypter & Creator with Automatic IP Poisener.
- SocialBox - SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi.
- gasmask - Information gathering tool - OSINT.
- Blazy - Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF ..
- Breacher - An advanced multithreaded admin panel finder written in python..
- Hash-Buster - Crack hashes in seconds..
- ReconDog - Reconnaissance Swiss Army Knife.
- sqlmate - A friend of SQLmap which will do what you always expected from SQLmap..
- Striker - Striker is an offensive information and vulnerability scanner..
- XSStrike - Most advanced XSS scanner..
- EvilURL - Generate unicode evil domains for IDN Homograph Attack and detect them..
- GoblinWordGenerator - Python wordlist generator .
- SocialFish - Educational Phishing Tool & Information Collector .
- bing-ip2hosts - bingip2hosts is a Bing.com web scraper that discovers websites by IP address.
- WhatWeb - Next generation web scanner.
- CredSniper - CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens..
- airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks..
- thc-ipv6 - IPv6 attack toolkit.
- sniffjoke - a client-only layer of protection from the wiretap/sniff/IDS analysis.
- termux-lazysqlmap - SQLMAP for Lazy People on Termux.
- volatility - An advanced memory forensics framework.
- websploit - websploit is an advanced MITM framework.
- air-hammer - No description provided
- wifiphisher - The Rogue Access Point Framework.
- pixiewps - An offline Wi-Fi Protected Setup brute-force utility.
- PiDense - Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.).
- doona - Network based protocol fuzzer.
- dotdotpwn - DotDotPwn - The Directory Traversal Fuzzer.
- wpscan - WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites..
- brutespray - Brute-Forcing from Nmap output - Automatically attempts default creds on found services..
- fbi - Facebook Information.
- A-Rat - No description provided
- wfuzz - Web application fuzzer.
- giskismet - giskismet – Wireless recon visualization tool.
- Cookie-stealer - Crappy cookie stealer.
- cdpsnarf - CDPSnarf is a network sniffer exclusively written to extract information from CDP (Cisco Discovery Protocol) packets. .
- zaproxy - The OWASP ZAP core project.
- koadic - Koadic C3 COM Command & Control - JScript RAT.
- webpwn3r - WebPwn3r - Web Applications Security Scanner..]([
What's Your Reaction?