Information Gathering Tools
- Recon-ng – Web reconnaissance framework
- Guide
- Cookbook
- Cheatsheet
- FOCA – Analyzes, extracts, and classifies hidden information from web servers.
- Guide
- Cookbook
- Cheatsheet
- Maltego – OSINT data collection
- Guide
- Cookbook
- Cheatsheet
- Datasploit – Automated OSINT on a domain / email / username / phone
- Guide
- Cookbook
- Cheatsheet
- fierce – DNS reconnaissance
- Guide
- Cookbook
- Cheatsheet
- The Harvester – Gather e-mail addresses, subdomain names, virtual hosts, open ports/banners, and employee names from different public sources
- Guide
- Cookbook
- Cheatsheet
- Shodan – IoT search engine
- DNSdumpster – DNS recon and research
Scanning Tools
- nmap – Port scanner and network exploration tool
- Cheatsheet
- Guide
- Nessus – Vulnerability scanner
- Cheatsheet
- Guide
- Nikto – Webserver scanner
- masscan – Mass port scanner
- Guide
- Cheatsheet
- MXtoolbox.com – MX record lookup
- Pentest-tools.com – Web-based scanning tools
Social Engineering
- Social Engineering Toolkit (SET) – Penetration testing around Social-Engineering
- Cheatsheets
- Guide
- Phishing Frenzy – Customize and manage email phishing campaigns
- Cheatsheets
- Guide
Attack Tools
- netcat – Read and write to network connections using TCP or UDP
- Cheatsheets
- Guide
- Mimikatz – Gather credential data from Windows systems
- Cheatsheets
- Guide
- Metasploit – Execute exploit code against a remote target machine.
- Cheatsheets
- Guide
- Exploit Database – Database of exploits for use with Metasploit
- Guide
- Empire – post-exploitation agent
- Hydra – Login cracker
- Cheatsheets
- Guide
- scapy – Packet manipulation program
- Cheatsheets
- Guide
- Responder – Windows credential stealing
- Cheatsheets
- Guide
- Hashcat – Password cracking utility
- Cheatsheets
- Guide
- Password Lists
- sqlmap – Detect and exploit SQL flaws
- Cheatsheets
- Guide
Wireless Tools
- Wifite – Wireless cracking
- Cheatsheets
- Guide
- Aircrack-ng – WiFi network security assessment
- Cheatsheets
- Guide
- Kismet – Wireless network detector, sniffer, and IDS
- Cheatsheets
- Guide
Monitoring Tools
- Snort – network intrusion detection system
- Cheatsheets
- Guide
- Bro – Network analysis framework and IDS
- Cheatsheets
- Guide
- Squert – query and view event data stored in Sguil
- Cheatsheets
- Guide
- ELSA – Enterprise Log Search and Archive
- Cheatsheets
- Guide
- Sguil – Network security monitor (NSM)
- Cheatsheets
- Guide
- ROCK NSM – Network Security Monitoring
- Cheatsheets
- Guide
- Security Onion – IDS, NSM, log management, hunting, intrusion detection, network security monitoring
- Cheatsheets
- Guide
- Wireshark – Network protocol analyzer
- Cheatsheets
- Guide
- tcpdump – Packet analyzer
- Cheatsheets
- Guide
Analysis/Audit Tools
- Virustotal
- Sysinternals
- AD info
PowerShell
Other Cheatsheets