Cybersecurity Toolkit
Explore essential tools and platforms used by professionals to test, monitor, and defend systems.
A
Autopsy
An open-source digital forensics platform used to analyze hard drives and smartphones.
B
Burp Suite
A web vulnerability scanner and testing platform for web application security assessments.
Bettercap
A powerful, flexible tool for network attacks and monitoring, including MITM and sniffing.
C
CyberChef
A web app for encryption, encoding, compression, and data analysis, known as the 'Cyber Swiss Army Knife'.
Cuckoo Sandbox
An automated malware analysis system for dynamic analysis of suspicious files.
D
DirBuster
A multi-threaded Java app for brute-forcing directories and file names on web/application servers.
E
Exploit Database
A curated archive of exploits and vulnerable software used by penetration testers and researchers.
F
FTK Imager
A tool for acquiring forensic images and previewing data without making changes.
Fiddler
A web debugging proxy tool that logs HTTP(S) traffic between computers and the internet.
G
Ghidra
A reverse engineering tool developed by the NSA to analyze compiled code on a variety of platforms.
Gobuster
A command-line tool for directory and DNS brute-forcing written in Go.
H
Hashcat
An advanced password recovery tool supporting GPU acceleration and a wide variety of hash types.
Hydra
A popular brute-force password cracking tool for network logins.
K
Kali Linux
A Debian-based distribution designed for penetration testing and digital forensics.
KeePassXC
A secure and open-source password manager for Windows, macOS, and Linux.
M
Metasploit Framework
A powerful tool for developing and executing exploit code against remote targets.
Maltego
A data mining tool used for link analysis and intelligence gathering.
N
Nmap
A network discovery and security auditing tool used to scan systems and detect services.
Nessus
A vulnerability scanner used to identify and assess network vulnerabilities.
O
OSINT Framework
A collection of resources for open-source intelligence gathering.
P
Proxychains
A tool that forces connections through proxy servers such as Tor or SOCKS proxies.
Password Cracking Toolkit (PCTK)
A suite of tools and dictionaries for auditing and recovering passwords.
R
RITA (Real Intelligence Threat Analytics)
A tool for detecting command and control channels and beaconing behavior.
Responder
An LLMNR, NBT-NS, and mDNS poisoner used for credential capturing.
S
Shodan
A search engine for Internet-connected devices that provides insights into exposed assets.
SecurityTrails
A platform that provides threat intelligence and domain/IP history data.
T
TheHive
An open-source incident response platform designed for SOCs and CERTs.
TShark
A CLI packet analyzer based on Wireshark's core engine.
V
VirusTotal
A free service that analyzes suspicious files and URLs to detect malware.
Velociraptor
A DFIR tool for endpoint visibility, live response, and hunting.
W
Wireshark
A widely used network protocol analyzer for troubleshooting and analysis.
WPScan
A WordPress vulnerability scanner used to detect security issues in WP installations.
Z
ZAP (Zed Attack Proxy)
An open-source web application security scanner maintained by OWASP.