We have compiled a list of common Penetration testing tools used by white-hat hackers or ethical hackers, facilitate this by simulating real-world attacks by criminal hackers, who are known as black-hat hackers.
In effect, conducting penetration testing is similar to hiring security consultants to attempt a cybersecurity attack of a secure facility to find out how real criminals might do it. The results are used by organizations to make their applications more secure:
- OpenVAS – OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
- Metasploit Framework – A tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.
- Kali – Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs).
- pig – A Linux packet crafting tool.
- scapy – Scapy: the python-based interactive packet manipulation program & library.
- Pompem – Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security…
- Nmap – Nmap is a free and open source utility for network discovery and security auditing.
- Amass – Amass performs DNS subdomain enumeration by scraping the largest number of disparate data sources, recursive brute forcing, crawling of web archives, permuting and altering names, reverse DNS sweeping and other techniques.
- Anevicon – The most powerful UDP-based load generator, written in Rust.
- Finshir – A coroutines-driven Low & Slow traffic generator, written in Rust.
- Legion – Open source semi-automated discovery and reconnaissance network penetration testing framework.
- Sublist3r – Fast subdomains enumeration tool for penetration testers
- RustScan – Faster Nmap scanning with Rust. Take a 17 minute Nmap scan down to 19 seconds.
- Boofuzz – Fuzzing engine and fuzz testing framework.
- monsoon – Very flexible and fast interactive HTTP enumeration/fuzzing.
