Tools

Websites

';--haveibeenpwned?

Check if you have an account that has been compromised in a data breach

Aircrack-ng

Aircrack-ng is a complete suite of tools to assess WiFi network security.

Burp Suite

Toolkit for investigating web security

Cain and Abel

Windows-only password recovery tool handles an enormous variety of tasks

Colasoft Packet Builder

Colasoft Packet Builder enables creating custom network packets.

CurrPorts

CurrPorts is network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on your local computer.

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable

Edgar Database

Securities and Exchange Commission Edgar Database

Ettercap

Ettercap is a comprehensive suite for man in the middle attacks.

Exploit DB- Google Hacking Database

Exploit DB- Google Hacking/ Google Dorking Database

HTTrack Website Copier

Website Mirroring

HashCalc

A fast and easy-to-use calculator that allows to compute message digests, checksums and HMACs for files, as well as for text and hex strings

Hiren & Pankajls Tools

Hirens BootCD, Darik's Boot and Nuke (DBAN), etc

Hping

hping is a command-line oriented TCP/IP packet assembler/analyzer.

ICANN WHOIS Lookup

Domain Name Registration Data Lookup

IDA Pro

A Disassembler and Debugger

IPLeak

Whats your IP and DNS?

John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix, macOS, Windows, DOS, BeOS, and OpenVMS

Kali Linux

Download Kali Linux Images

L0phtCrack

Password Auditing and Cracking

MalShare Toolkit

Set of tools for interacting with Malshare

Maltego

An open source intelligence (OSINT) and graphical link analysis tool for gathering and connecting information for investigative tasks.

Manage Engine OpManager

Network monitoring solution

Medusa

Medusa Parallel Network Login Auditor

NMap

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing

Ncat

Netcat (often abbreviated to nc) is a computer networking utility for reading and writing from and to network connections using Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).

OSRFramework

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

Ophcrack

Ophcrack is a free Windows password cracker based on rainbow tables.

RainbowCrack

RainbowCrack is a general propose implementation of Philippe Oechslin's faster time-memory trade-off technique. It crack hashes with rainbow tables.

Recon-ng

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

SIFT Workstation

The SIFT Workstation is a group of free open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings.

SMAC

MAC Address Spoofing Tool

Shodan

Search engine for Internet-connected devices

TCPView

TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections.

THC Hydra

This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system.

The Harvester

Email Harvesting

VM Workstation Player

VMware Workstation Player is free for personal non-commercial use

Virtual Box

VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use.

VirusTotal

Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community.

Visual Ping

Website Change Detection, Monitoring, and Alerts

Wireshark

Packet capture and network protocol analyzer.

fgdump

A Tool For Mass Password Auditing of Windows Systems

p0f v3

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way.

wfuzz

The web application Bruteforcer