Below you will see a small list of attack tools
All information presented here is for educational and training purposes. I am not responsible for its malicious use. I will only give a brief description of them, I will not go into detail about their use for now. By clicking on the tool you will automatically be redirected to the site to download the tool.
Updates:
- Aquatone changed the repository to "Archived" and plans to make important changes.
1.- Burp Suite - Framework.
2.- ZAP Proxy - Framework.
3.- Dirsearch - HTTP brute force.
4.- Nmap - Port scanning.
5.- Sublist3r - Subdomain discovery.
6.- Amass - Subdomain discovery.
7.- SQLmap - SQLi exploitation.
8.- Metasploit - Framework.
9.- WPscan - WordPress exploitation.
10.- Nikto - Webserver scanning.
11.- HTTPX - HTTP probing.
12.- Nuclei - YAML template scanning.
13.- FFUF - HTTP probing.
14.- Subfinder - Subdomain discovery.
15.- Masscan - Mass port and IP scanning.
16.- Lazy Recon - Subdomain discovery.
18.- Aquatone - HTTP inspection.
19.- LinkFinder - Endpoint discovery on JS files.
20.- JS-Scan - Endpoint discovery on JS files.
21.- GAU- Attack surface mapping.
22.- Parameth - Brute force on GET and POST parameters.
23.- truffleHog - Finds credentials on GitHub commits.
Thanks for reading
~ aiskoa.