Information
Gathering
Scanning &
Enumeration
Exploitation
and Techniques
Red Team
Post-exploitation
Tools
Report
PENTEST TOOLKIT
• Osint Framework
• Dig
• Dnsenum
• Sublist3r
• Dnstracer
• Hping3
• Whois
• Nmap
• Google Hacking
Database
• Doxing Techniques
• Dnsrecon
• Sslstrip
• Wireshark
• Recon-ng
• Nikto
• Maltego& Casefile
• Meetagofil
• Wafw00f
• Nmap
• Nikto
• Dnsenum
• Openvas& Nessus
• Oscanner
• Enum4linux
• PrivescCheck
• LinEnum
• Dnsdumpster
• Sqlninja
• Sqlsus
• Vega
• Wpscan and joomscan
• Dirb
• Gobuster and Wfuzz
• Fimap
• CURL
• Whatweb
• Powershell Scripts
• Metasploit
• Beef
• Exploitdb and Searchsploit
• Routersploit
• Sqlmap
• Hydra and patator
• Github search exploit
• Mitre Att&ck
• Veil-evasion
• Setoolkit & Shellphish
• Unicorn
• LuckyStrike
• Eggshell
• Burp suite
• Exploit pack
• Linux Suggester
• Shellter and Hyperion
• Netcat & cryptcat
• Crunch & Ophcrack & John
& Hashcat & Hashid &
ncrack
• Cobalt Strike
& Convenant & Gcat
&Trevorc2 &
Merlinc2 & dnscat
• Silenttrinity
• Psattack
• LinEnum
• UacMe
• Powerup
• Sherlock
• Tokenvator
• Potato
• PenTest Monkey &
Incognition
• Meterpreter &
Mimikatz
• Powershell Rat &
Responder &
Powersploit
By Joas Antonio
• Dradis
• Libre Office & Office
365
• Cherrytree
• Cutycapt
• Pipal
• RDPY
• Nipper-ng
• Google
Hacking report
template
• Attackforge
• Infection monkey
• IDE Faraday
资源评论
