ENNA

Aircrack-ng

C

Featured

Complete suite for WiFi network security assessment. Monitoring, attacking, testing, and cracking.

Amass

Go

Featured

In-depth attack surface mapping and asset discovery. DNS enumeration, network mapping, OSINT data sources.

Entity-based blockchain analytics. Ultra system maps on-chain activity to real-world entities across chains.

Swiss army knife for WiFi, Bluetooth, and ethernet network recon and MITM. Scriptable with JS.

Official Bitcoin node with full RPC interface. Query the blockchain directly — raw transactions, mempool, UTXO lookups.

Open-source blockchain explorer for Ethereum and EVM chains. Full-featured with smart contract verification.

BloodHound

Go

Featured

Active Directory attack path mapping. Visualizes privilege escalation paths using graph theory.

Blockchain analytics and investigation tool. Trace Bitcoin and Ethereum transactions through multiple hops.

Web vulnerability scanner and proxy. Intercept, modify, and replay HTTP/S traffic for web app testing.

Swiss army knife for Ethereum. Send transactions, query chain data, decode calldata, compute hashes — all from CLI.

Swiss army knife for pentesting Active Directory. SMB, LDAP, MSSQL, WinRM enumeration and exploitation.

Extract blockchain data into Parquet or CSV. High-performance bulk exporter for blocks, transactions, logs, and traces.

Query blockchain data with SQL. Ethereum, Polygon, Optimism, Arbitrum, Solana, and more. Community dashboards.

Man-in-the-middle attack framework for phishing credentials and session cookies, bypassing 2FA.

Feroxbuster

Rust

Featured

Fast, recursive content discovery tool written in Rust. Like gobuster on steroids with auto-recursion.

ffuf

Go

Featured

Fast web fuzzer written in Go. Fuzz anything — URLs, headers, POST data — with blazing speed.

Custom firmware for Flipper Zero. Sub-GHz, RFID, NFC, infrared, and GPIO hacking multi-tool.

Real-time threat detection for blockchain. Community-built detection bots monitoring for exploits, scams, and anomalies.

Dynamic instrumentation toolkit for developers and security researchers to inject scripts into native apps.

Official Go implementation of Ethereum. Full node, archive node, and light client with rich JSON-RPC API.

Ghidra

Java

Featured

NSA's reverse engineering framework. Disassembly, decompilation, graphing, and scripting for binary analysis.

GoPhish

Go

Featured

Open-source phishing framework. Create campaigns, track results, and train users with realistic simulations.

Cryptoasset analytics platform. Address clustering, entity mapping, and flow analysis for Bitcoin and Ethereum.

Hashcat

C

Featured

World's fastest password recovery tool. GPU-accelerated with support for 300+ hash types.

Linux privilege escalation enumeration script. Finds misconfigs, SUID bins, creds, and escalation paths.

Metasploit Framework

Ruby

Featured

The world's most used penetration testing framework. Exploit development, payload delivery, post-exploitation.

Detect and analyze MEV (Maximal Extractable Value) on Ethereum. Finds arbitrage, liquidations, and sandwiches.

Extract plaintext passwords, hashes, PIN codes, and Kerberos tickets from Windows memory.

SlowMist's crypto tracking platform. Cross-chain fund tracing, address labeling, and risk scoring for AML.

Automated mobile security framework for static and dynamic analysis of Android, iOS, and Windows apps.

Security analysis tool for EVM bytecode. Detects reentrancy, integer overflow, and access control vulnerabilities.

Nmap

C/C++

Featured

The gold standard network scanner. Host discovery, port scanning, service/version detection, OS fingerprinting.

Nuclei

Go

Featured

Fast vulnerability scanner driven by YAML templates. Thousands of community-contributed detection templates.

OpenVAS

C

Featured

Full-featured vulnerability scanner. 50,000+ NVTs, credentialed scanning, compliance checks.

The security tester's companion. Huge collection of wordlists — usernames, passwords, URLs, fuzzing payloads, shells.

Sherlock

Python

Featured

Hunt down social media accounts by username across 400+ social networks simultaneously.

Solidity static analysis framework. Detects vulnerabilities, prints contract info, and suggests optimizations.

Open-source C2 framework by BishopFox. mTLS, HTTP(S), DNS, WireGuard implants with multi-operator support.

SpiderFoot

Python

Featured

Automated OSINT with 200+ modules. Web UI for scanning IPs, domains, emails, names, and more.

Subfinder

Go

Featured

Fast passive subdomain enumeration tool. Uses multiple sources including certificate transparency logs.

Fast online password brute-forcer. Supports 50+ protocols including SSH, FTP, HTTP, SMB, MySQL.

Local-first Ethereum indexer. Decentralized, censorship-resistant access to blockchain data with rich APIs.

Find leaked credentials in Git repos, S3 buckets, and filesystems. Regex and entropy-based detection.

Endpoint visibility and collection tool. Hunt for artifacts across thousands of endpoints simultaneously.

Volatility 3

Python

Featured

Advanced memory forensics framework. Extracts artifacts from RAM dumps — processes, network connections, registry.

Python library for interacting with Ethereum. Query blocks, decode transactions, call contracts, trace calls.

Wireshark

C/C++

Featured

The world's foremost network protocol analyzer. Deep packet inspection for hundreds of protocols.

Pattern matching swiss knife for malware researchers. Create rules to identify and classify malware samples.

Enhanced blockchain API. NFT metadata, token balances, transaction receipts, and webhook notifications.

Subdomain discovery through alterations and permutations. Generates mutated wordlists from known subdomains.

Reverse engineer Android APK files — decode resources, rebuild, and step-through debug smali code.

Arjun

Python

HTTP parameter discovery suite. Finds hidden query parameters in web applications using smart heuristics.

Send ARP requests to discover and fingerprint hosts on the local network segment.

Assetfinder

Go

Find domains and subdomains potentially related to a given domain. Pulls from multiple passive sources.

Autopsy

Java

Digital forensics platform with GUI. Disk image analysis, timeline analysis, keyword search, hash filtering.

Firmware analysis tool. Searches binary images for embedded files, executables, and file systems.

Block chain browser for Bitcoin and similar currencies. Self-hosted explorer with search and API.

Python Bitcoin library. Create wallets, parse transactions, interact with nodes, and analyze the UTXO set.

OSINT tool to search for user accounts across 500+ social networks and websites.

Detect whether an IP belongs to a CDN, cloud provider, or WAF to identify origin servers.

Search engine for internet-connected devices. Alternative to Shodan with certificate and host search.

Custom wordlist generator. Spiders a target site and builds password lists from scraped words.

Blockchain investigation tool. Transaction graph visualization, wallet clustering, and entity identification.

Real-time monitoring of DEX trades, bridge transfers, and large movements. Custom alerts via webhook or Telegram.

Fast TCP/UDP tunnel over HTTP secured via SSH. Single binary, works behind firewalls and NAT.

Cloud infrastructure enumerator to find company assets across multiple cloud providers.

Analyze AWS environments to create network diagrams and identify security risks.

Commix

Python

Automated OS command injection exploitation tool. Tests web apps for command injection vulnerabilities.

.NET C2 framework. Collaborative, web-based interface for red team operations and implant management.

Blockchain analytics platform for compliance and investigation with transaction flow visualization.

GUI for Radare2. Makes reverse engineering accessible with graphs, decompiler, and hex editor built in.

Live response collection tool for quickly gathering forensic artifacts from hosts during incident response.

Multi-chain DeFi portfolio tracker. Token holdings, protocol positions, NFTs, and approval management across 100+ chains.

Multithreaded DNS enumeration tool that discovers subdomains via dictionary brute-force, Google scraping, and zone transfers.

DNS enumeration script. Zone transfers, reverse lookups, Google dorking, SRV records, and DNSSEC testing.

dnsx

Go

Fast multi-purpose DNS toolkit. Retries, wildcard filtering, and multiple resolver support.

Detect wallet drainer contracts and phishing approval signatures. Scans for SetApprovalForAll and Permit2 abuse.

Android security testing framework for identifying vulnerabilities in apps and devices.

DeFi attack and MEV analysis. Visualizes flash loan attacks, rug pulls, and arbitrage with transaction decoding.

Crypto compliance and investigation tool. Cross-chain tracing, sanctions screening, and risk profiling.

Email harvesting from search engines. Supports Google, Bing, Yahoo, and ASK with proxy rotation.

Windows/Samba enumeration tool. Extracts user lists, share info, group policies, and OS details via SMB.

Complete Ethereum library for JavaScript. Wallet management, contract interaction, ENS resolution, and ABI encoding.

Python wrapper for Etherscan API. Query balances, transactions, token transfers, contract ABIs, and gas prices.

Ethereum transaction explorer and visualizer. Graph-based exploration of addresses and transaction flows.

Ultimate WinRM shell for pentesting. Upload/download, in-memory PowerShell, DLL injection, pass-the-hash.

Python library for parsing and analyzing EVM call traces. Decode internal transactions and visualize call trees.

ExifTool

Perl

Read, write, and edit metadata in files. Supports EXIF, GPS, IPTC, XMP, and more across dozens of formats.

DNS reconnaissance tool for locating non-contiguous IP space and hostnames against specified domains.

WPA security auditing tool that uses social engineering for handshake capture via evil twin attacks.

gau

Go

Get All URLs. Fetches known URLs from AlienVault OTX, Wayback Machine, Common Crawl, and URLScan.

Offensive Google framework to extract information from Google accounts using emails.

Scan Git repos for hardcoded secrets like passwords, API keys, and tokens. CI/CD ready.

Gobuster

Go

Directory/file, DNS, and vhost busting tool. Brute-forces URIs, DNS subdomains, virtual host names, and S3 buckets.

GoBuster DNS

Go

DNS subdomain bruting using Go. Concurrent queries with wildcard detection and custom resolvers.

Fast web spider written in Go for crawling and collecting URLs, subdomains, and endpoints.

Simple Go web crawler for quick discovery of endpoints and assets within a web application.

Holehe

Python

Check if an email is registered on 120+ sites. Uses password recovery mechanisms to verify without logging in.

httpx

Go

Fast multi-purpose HTTP toolkit. Probes for running HTTP servers with retries and fallbacks.

Impacket

Python

Collection of Python classes for working with network protocols. Essential for Windows/AD pentesting.

Download Instagram photos, videos, stories, and metadata. Profile archiving and OSINT data extraction.

DEX to Java decompiler producing readable Java source from Android APK and DEX files.

John the Ripper

C

Fast password cracker. Supports hundreds of hash types and ciphers. CPU and GPU modes.

Automation framework combining multiple JS analysis tools for comprehensive JavaScript recon.

Katana

Go

Next-gen crawling and spidering framework. Headless browser and standard mode with automatic form fill.

Phishing campaign toolkit with web cloning, credential harvesting, and campaign analytics dashboard.

Wireless network detector, sniffer, wardriving tool, and IDS. WiFi, Bluetooth, Zigbee, and more.

Subdomain enumeration tool using wordlist and DNS resolution. Supports VirusTotal and zone transfers.

Password recovery tool. Retrieves stored passwords from browsers, WiFi, databases, sysadmin tools, and more.

Advanced tunneling/pivoting tool. Creates a TUN interface for transparent proxying through compromised hosts.

Python script to discover endpoints and their parameters in JavaScript files.

Maigret

Python

Sherlock fork on steroids. Collects detailed info from 2500+ sites, builds a report with extracted data.

Visual link analysis tool for OSINT. Maps relationships between people, companies, domains, and infrastructure.

Masscan

C

Internet-scale port scanner. Transmits 10 million packets per second. Asynchronous, stateless scanning.

Speedy, parallel, modular brute-forcer. Supports HTTP, MySQL, SMB, SSH, Telnet, and more.

PowerShell toolkit for attacking Azure services including storage, key vaults, and automation.

Automated HTTP reverse proxy for 2FA phishing. Real-time credential and token harvesting.

Open-source wallet labeling database. Identify wallets belonging to exchanges, whales, MEV bots, and funds.

Ncat (Nmap)

C

Improved netcat with SSL support, IPv6, proxying, and connection brokering. The Swiss army knife of networking.

Active/passive ARP reconnaissance tool for network discovery without DNS traffic.

Nikto

Perl

Classic web server scanner. Tests for dangerous files, outdated server software, and version-specific problems.

Runtime mobile exploration toolkit powered by Frida for iOS and Android security testing without jailbreak.

Blockchain transaction visualizer. Generates interactive force-directed graphs of Ethereum address relationships.

Instagram OSINT tool. Gathers emails, phone numbers, user info, followers, and location data from profiles.

Mine parameters from web archives for any domain to find hidden attack surfaces.

PhoneInfoga

Go

Advanced phone number OSINT. Scans phone numbers using free resources to gather standard and disposable info.

Incredibly fast crawler designed for OSINT. Extracts URLs, emails, files, JS, and secret keys from targets.

Super timeline creation engine. Extracts timestamps from multiple forensic artifact sources into a single timeline.

Monitor Linux processes without root. Detects cron jobs, user commands, and process events in real time.

Portable reversing framework. Disassembly, debugging, analysis, patching, and scripting in a single CLI.

Recon-ng

Python

Full-featured reconnaissance framework. Modular design with a Metasploit-like interface for OSINT gathering.

Responder

Python

LLMNR/NBT-NS/mDNS poisoner and rogue authentication server. Captures NTLMv1/v2 hashes on the network.

High-performance Ethereum execution client in Rust. Blazing fast sync, archive mode, and modular architecture.

Framework for Azure AD enumeration and exploitation via the internal ROADrecon and ROADlib modules.

Software-defined radio tools for RTL2832U-based DVB-T receivers, enabling wide-spectrum RF analysis.

Smart contract risk assessment. Reviews DeFi contracts for common rug pull patterns and backdoor functions.

Blazing fast port scanner that pipes into Nmap. Scans all 65k ports in 3 seconds flat.

Scan for misconfigured S3 buckets across AWS regions and dump accessible contents.

Blockchain analytics with risk scoring, transaction monitoring, and compliance reporting across 8000+ assets.

Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud.

Discover sensitive data like API keys, tokens, and credentials in JavaScript files.

Shodan CLI

Python

Command-line interface for Shodan, the search engine for internet-connected devices.

API, CLI, and web app for analyzing and finding a person's profile across 1000+ social media sites.

Solana blockchain tools. Query accounts, transactions, programs, and stake info. Built-in token management.

sqlmap

Python

Automatic SQL injection and database takeover tool. Detects and exploits SQL injection flaws.

Subdomain takeover tool. Checks if CNAME records point to deprovisioned cloud services.

Command-line packet analyzer. The lightweight, scriptable alternative to Wireshark for capture and analysis.

Smart contract debugging and simulation. Transaction trace inspection, gas profiling, and fork testing.

Command-line tool for checking TLS/SSL ciphers, protocols, and cryptographic flaws on any port.

Collection of command-line tools for forensic analysis of disk images and file systems.

Exploit and payload generator. Creates backdoors with msfvenom, compiles with anti-AV evasion techniques.

theHarvester

Python

Gathers emails, names, subdomains, IPs, and URLs from multiple public sources for passive recon.

Fast TLS probe tool for grabbing TLS certificates, versions, and cipher information at scale.

Automated scam token detection. Analyzes contract code for honeypots, hidden mints, tax manipulation, and rug vectors.

Track deposits and withdrawals through Tornado Cash mixer. Probabilistic linking of mixed transactions.

SQL-based blockchain data API. Query decoded transactions, token transfers, NFT sales, and DeFi events.

Real-time feed of IOCs shared on Twitter by the infosec community. Domains, IPs, URLs, SHA256 hashes.

Advanced Twitter/X scraping tool. No API key needed. Scrapes tweets, followers, favorites, and more.

Real-time blockchain transaction visualizer. Animated street view of pending and confirmed transactions.

Quickly discover exposed hosts on the internet using multiple search engines like Shodan, Censys, and Fofa.

Asynchronous UDP/TCP port scanner with advanced stimulus-response analysis and OS fingerprinting.

Scan and analyze URLs for phishing indicators, malware, and suspicious behavior. Screenshot and DOM capture.

Bitcoin wallet clustering and labeling. Maps addresses to known entities — exchanges, mixers, markets, gambling.

waybackurls

Go

Fetch all URLs that the Wayback Machine knows about for a domain. Gold mine for hidden endpoints.

Web application fuzzer. Brute force parameters, directories, headers, and authentication credentials.

Track large cryptocurrency transactions in real time across all major blockchains. API and alerting.

Username enumeration across hundreds of websites with community-maintained JSON data.

Web technology fingerprinter. Identifies CMS, frameworks, JS libraries, servers, and analytics from HTTP responses.

Automated wireless attack tool. Wraps aircrack-ng, reaver, and hashcat for streamlined WiFi auditing.

WPScan

Ruby

WordPress security scanner. Enumerates plugins, themes, users, and checks for known vulnerabilities.

XSStrike

Python

Advanced XSS detection suite. Fuzzing engine, context analysis, and WAF detection/bypass capabilities.

Internet-wide single-packet scanner. Scans the entire IPv4 address space in under 5 minutes.