BadKarma is a GUI based network reconnaissance tool that can gather useful network information at any stage of the penetration testing process....
Wapiti is an open source tool that scans web applications for multiple vulnerabilities including data base injections, file disclosures, cross site scripting,...
A2SV is an open source tool used for scanning SSL vulnerabilities in web applications. A2SV performs vulnerability scanning for CCS injection, Heartbleed,...
Yuki Chan is an open source tool that automates some of the information gathering and web application penetration testing process. The tool...
Pythem is a python framework used for performing various security tests on networks and web applications. These include scanning, web crawling, web...
Spiderfoot is an open source tool used for reconnaissance purpose. The tool is capable of gathering useful information about the target host...
Wifiphisher is an open source framework that can be utilised for red team engagements for wireless networks through Man in the Middle...
Dirhunt is a python tool that can quickly search directories on target domains to find interesting directories and file locations. The URL’s...
Bloodhound is an open source application used for analyzing security of active directory domains. The tool is inspired by graph theory and...
Uniscan is an open source tool capable of scanning web applications for critical vulnerabilities, such as sql injection, blind sql injection, cross...
DNSRecon is a python script used for DNS information gathering. DNS information about a target is an essential requirement for every penetration...
Habu is an open source penetration testing toolkit that can perform various penetration testing tasks related to networks. These include ARP poisoning,...
Morpheus is an open source framework that can launch multiple attacks on the network using applications, such as ettercap, msgsnarf, tcpkill, and...
XSStrike is an open source tool that detects Cross Site Scripting vulnerabilities and exploits them. The tool is equipped with a powerful...
Leviathan is an open source toolkit that can be used for auditing networks and web applications. The types of audits that can...
CMSeek is a python tool that is used to detect Content Management System (CMS) within a target website, it can extract useful information...
Evilgrade is a modular framework that takes over target machines by injecting fake updates in poorly updated systems using a MITM attack...
CrackMapExec(CME) is a post exploitation tool that can be used for tasks like cracking administrative rights and mapping active directory networks. Active...
Zeus scanner is an open source tool used for reconnaissance and vulnerability assessments of web applications. The tool is equipped with a...
Vega is a GUID based open source tool used for testing the security of web applications. The tool can be used to...
Droopescan is a python based scanner that is used to scan the web applications that utilise Drupal, SilverStripe, and WordPress. The types...