🛠️Tools & Utilities

This directory contains documentation, examples, and usage guides for various penetration testing tools that I commonly use during assessments.

Tool Categories

• Reconnaissance & Information Gathering

• Vulnerability Scanning

• Web Application Testing

• Network Testing

• Password Attacks

• Exploitation

• Post-Exploitation

Reconnaissance & Information Gathering

• Nmap - Network discovery and security auditing

• Gobuster - Directory/file & DNS busting tool

• TheHarvester - E-mail, subdomain and people gathering

Vulnerability Scanning

• Nikto - Web server scanner

• Nuclei - Vulnerability scanner

Web Application Testing

• Burp Suite - Web application security testing

• OWASP ZAP - Web application security scanner

• SQLmap - Automatic SQL injection tool

Network Testing

• Wireshark - Network protocol analyzer

• Metasploit - Penetration testing framework

Password Attacks

• Hydra - Online password cracking tool

• Hashcat - Advanced password recovery

• John the Ripper - Powerful password cracking tool

Exploitation

• Metasploit Framework - Exploitation framework

Post-Exploitation

• Mimikatz - Windows credential dumping

• PowerSploit - PowerShell post-exploitation framework

Contributing

Feel free to suggest additional tools or improvements to existing documentation by submitting pull requests.

Disclaimer

These tools are documented for educational purposes only. Always ensure you have proper authorization before using these tools against any system.