Security Tools

These are general security tools that may span more than one of the detailed categories, or otherwise are generally useful.

Tool Collections

• PenTesters Framework - Allows installing and managing a bunch of other tools at the same time.
• GTFOBins - Privilege escalation tools on Unix
• LOLBAS - Living Off the Land Binaries
• LOTS Project - Living Off Trusted Sites
• HOUDINI - Hundreds of Offensive and Useful Docker Images for Network Intrusion

Common Tools

• Metasploit Framework - Mostly for pentesting, but includes lots of useful utilities.
• Burp Suite - Canonical tool for doing anything related to webapps.
• Wireshark - Canonical tool for anything to do with packet captures.

Security Testing Distributions

• Kali Linux - The canonical penetration testing distribution, formerly “Backtrack Linux”
• Commando VM - Windows tool set.

Miscellaneous/Niche Tools

• Printer Exploitation Toolkit (PRET)
• Interactive Kiosk Attack Tool
• Firmadyne Firmware Analysis
• Werdlists - Wordlists for all kinds of things
• SecLists - More lists of useful things.

Online Tools

• PrivateBin - Zero Knowledge Pastebin