Overview, Tools, and Pathways

These are a few of the plethora of tools out there, all of which I have used at some point.

General Enumeration | Scanning | Reconnaissance

whatweb

Nmap

rustscan

wpscan

Nessus

OWASP ZAP

Dig, dnsenum, and nslookup

Shodan


Web and Network Exploitation

There are thousands and thousands of different tools, scripts, and applications out there for all the various attack types and vulnerabilities. The following are ones that I have personally used in labs and challenges and that I am at least fairly comfortable using.

Enumeration && Exploitation Tools

Burp Suite

dirb, dirbuster, gobuster

gospider

ffuf, hydra

sstimap, lfimap

LinPEAS, WinPEAS

curl, wget

enum4linux, smbmap, smbscan

lftp

revshells.com


Automated Exploitation Tools

Metasploit

SQLMap

xsssniper

rapidscan

Responder

impacket suite

psexec, wmiexec, smbserver, etc.

bloodhound/sharphound


Investigative, Post-Exploitation Tools

hashcat

John the Ripper and john2__

cewl, crunch

binwalk, exiftool

PhotoSecUtils