Kali
Revision as of 00:53, 3 April 2014 by <bdi>PhilippeTeuwen</bdi> (talk | contribs)
Introduction
To add Kali repositories and pin them, see LMDE#Add_Kali_repositories
All repackaged or new packages made in kali have "kali" in their version number (unless they are in the kali-bleeding-edge)
See also http://docs.kali.org/kali-policy/kali-linux-relationship-with-debian
Lists
kali-linux
apt-cache search kali-linux|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-all - Kali Linux - all packages kali-linux-forensic - Kali Linux forensic tools kali-linux-full - Kali Linux complete system kali-linux-gpu - Kali Linux GPU tools kali-linux-pwtools - Kali Linux password cracking tools kali-linux-rfid - Kali Linux RFID tools kali-linux-sdr - Kali Linux SDR tools kali-linux-top10 - Kali Linux Top 10 tools kali-linux-voip - Kali Linux VoIP tools kali-linux-web - Kali Linux webapp assessment tools kali-linux-wireless - Kali Linux wireless tools
kali-linux-all
apt-cache depends kali-linux-all|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux-forensic - Kali Linux forensic tools kali-linux-full - Kali Linux complete system kali-linux-gpu - Kali Linux GPU tools kali-linux-pwtools - Kali Linux password cracking tools kali-linux-rfid - Kali Linux RFID tools kali-linux-sdr - Kali Linux SDR tools kali-linux-top10 - Kali Linux Top 10 tools kali-linux-voip - Kali Linux VoIP tools kali-linux-web - Kali Linux webapp assessment tools kali-linux-wireless - Kali Linux wireless tools android-sdk - Android software development kit backdoor-factory - Patch win32/64 binaries with shellcode bing-ip2hosts - Enumerate hostnames for an IP using bing.com device-pharmer - Search Shodan results and test credentials doona - Network fuzzer forked from bed freeradius - high-performance and highly configurable RADIUS server hackersh - Shell-like wrapper of various security tools htshells - Self contained htaccess shells and attacks ismtp - SMTP user enumeration and testing tool linux-exploit-suggester - Script to keep track of vulnerabilities and suggest possible exploits masscan - Asynchronous TCP port scanner sandi - Exploit search engine shellnoob - Shellcode writing toolkit teamsploit - Tools for group based penetration testing veil-evasion - Generate payloads that bypass antivirus solutions veil-catapult - Payload delivery tool that integrates with veil-evasion
kali-linux-top10
apt-cache depends kali-linux-top10|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system aircrack-ng - wireless WEP/WPA cracking utilities burpsuite - platform for security testing of web applications hydra - very fast network logon cracker john - active password cracking tool maltego - Open source intelligence and forensics application maltego-teeth - Set of offensive Maltego transforms metasploit - Penetration testing and exploit development tool with web-based interface metasploit-framework - Framework for exploit development and vulnerability research nmap - The Network Mapper zaproxy - Testing tool for finding vulnerabilities in web applications. sqlmap - automatic SQL injection tool wireshark - network traffic analyzer - GTK+ version
kali-linux-forensic
apt-cache depends kali-linux-forensic|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system afflib-tools - support for Advanced Forensics format (utilities) apktool - A tool for reverse engineering Android apk files autopsy - graphical interface to SleuthKit bulk-extractor - Extracts information without parsing filesystem cabextract - Microsoft Cabinet file unpacker capstone - Multi-platform, multi-architecture disassembly framework chkrootkit - rootkit detector creddump - Extracts credentials from Windows registry hives cuckoo - Automated malware analysis system dc3dd - patched version of GNU dd with forensic features dcfldd - enhanced version of dd for forensics and security ddrescue - Copies data from one file or block device to another. dff - Powerful, efficient and modular digital forensic framework dissy - graphical frontend for objdump distorm3 - Powerful Disassembler Library For x86/AMD64 dumpzilla - Mozilla browser forensic tool edb-debugger - Linux equivalent of OllyDbg ewf-tools - collection of tools for reading and writing EWF files exiv2 - EXIF/IPTC metadata manipulation tool extundelete - utility to recover deleted files from ext3/ext4 partition fcrackzip - password cracker for zip archives firmware-mod-kit - Deconstruct and reconstruct firmware images flasm - assembler and disassembler for Flash (SWF) bytecode foremost - forensic program to recover lost files galleta - An Internet Explorer cookie forensic analysis tool gdb - GNU Debugger gparted - GNOME partition editor guymager - Forensic imaging tool based on Qt inetsim - Software suite for simulating common internet services iphone-backup-analyzer - iPhone backup decoder and analyzer jad - Java decompiler javasnoop - Intercept Java applications locally libewf1 - library with support for Expert Witness Compression Format libhivex-bin - utilities for reading and writing Windows Registry hives lvm2 - Linux Logical Volume Manager lynis - security auditing tool for Unix based systems magicrescue - recovers files by looking for magic bytes md5deep - Recursively compute hashsums or piecewise hashings mdbtools - JET / MS Access database (MDB) tools memdump - utility to dump memory contents to standard output missidentify - a program to find win32 applications nasm - General-purpose x86 assembler ollydbg - 32-bit assembler level analysing debugger p7zip-full - 7z and 7za file archivers with high compression ratio parted - disk partition manipulator pasco - An Internet Explorer cache forensic analysis tool pdfid - Scans PDF files for certain PDF keywords pdf-parser - Parses PDF files to identify fundamental elements pdgmail - Extracts gmail artifacts from a pd dump peepdf - PDF analysis tool pev - text-based tool to analyze PE files polenum - Extracts the password policy from a Windows system radare2 - free and advanced command line hexadecimal editor rdd - a forensic copy program readpst - Converts Outlook PST files to mbox and others recoverjpeg - tool to recover JPEG images from a filesystem image reglookup - utility to read and query Windows NT/2000/XP registry regripper - Windows registry forensics tool rifiuti - A MS Windows recycle bin analysis tool rifiuti2 - A MS Windows recycle bin analysis tool safecopy - Copy utility ignoring errors samdump2 - Dump Windows 2k/NT/XP password hashes scalpel - A Frugal, High Performance File Carver scrounge-ntfs - Data recovery program for NTFS filesystems sleuthkit - collection of tools for forensics analysis on volume and file system data smali - Assembler/disassembler for Android's dex format sqlitebrowser - GUI editor for SQLite databases tcpdump - command-line network traffic analyzer tcpflow - TCP flow recorder tcpick - TCP stream sniffer and connection tracker tcpreplay - Tool to replay saved tcpdump files at arbitrary speeds truecrack - Bruteforce password cracker for TrueCrypt volumes. truecrypt - Cross-platform on-the-fly encryption unrar - Unarchiver for .rar files (non-free version) upx-ucl - efficient live-compressor for executables vinetto - A forensics tool to examine Thumbs.db files volafox - Memory analyzer for Mac OS X & BSD volatility - advanced memory forensics framework wce - Windows Credentials Editor wireshark - network traffic analyzer - GTK+ version xplico - Network Forensic Analysis Tool (NFAT)
kali-linux-gpu
apt-cache depends kali-linux-gpu|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system oclhashcat - GPU password cracker pyrit - GPGPU-driven WPA/WPA2-PSK key cracker multiforcer - GPU accelerated password cracking tool oclgausscrack - Cracks verification hashes of the Gauss Virus truecrack - Bruteforce password cracker for TrueCrypt volumes.
kali-linux-pwtools
apt-cache depends kali-linux-pwtools|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-gpu - Kali Linux GPU tools chntpw - NT SAM password recovery utility cmospwd - decrypt BIOS passwords from CMOS crunch - Password wordlist generator dbpwaudit - Does online password audits of DB engines fcrackzip - password cracker for zip archives findmyhash - Crack hashes with online services gpp-decrypt - Group Policy Preferences decrypter hash-identifier - Tool to identify hash types hashcat - World’s fastest CPU-based password recovery tool hashcat-utils - Set of small utilities for advanced password cracking hydra - very fast network logon cracker hydra-gtk - very fast network logon cracker - GTK+ based GUI john - active password cracking tool johnny - GUI for John the Ripper keimpx - Check for valid credentials across a network over SMB maskprocessor - High-performance word generator medusa - fast, parallel, modular, login brute-forcer for network services mimikatz - Uses admin rights on Windows to display passwords in plaintext ncrack - High-speed network authentication cracking tool ophcrack - Microsoft Windows password cracker using rainbow tables (gui) ophcrack-cli - Microsoft Windows password cracker using rainbow tables (cmdline) pack - Password analysis and cracking kit passing-the-hash - Patched tools to use password hashes as authentication input patator - Multi-purpose brute-forcer phrasendrescher - Passphrase cracking tool pipal - Statistical analysis on password dumps polenum - Extracts the password policy from a Windows system rainbowcrack - Rainbow table password cracker rcracki-mt - Version of rcrack that supports hybrid and indexed tables rsmangler - Wordlist mangling tool samdump2 - Dump Windows 2k/NT/XP password hashes seclists - Collection of multiple types of security lists sipcrack - SIP login dumper/cracker sipvicious - Tools for auditing SIP based VoIP systems sqldict - Dictionary attack tool for SQL Server statsprocessor - High-performance word-generator sucrack - multithreaded su bruteforcer thc-pptp-bruter - THC PPTP Brute Force truecrack - Bruteforce password cracker for TrueCrypt volumes. twofi - Twitter words of interest wce - Windows Credentials Editor wordlists - Contains the rockyou wordlist
kali-linux-rfid
apt-cache depends kali-linux-rfid|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system libfreefare-bin - MIFARE card manipulations binaries libnfc-bin - Near Field Communication (NFC) binaries mfcuk - MFCUK - MiFare Classic Universal toolKit mfoc - MIFARE Classic offline cracker mfterm - Terminal for working with Mifare Classic 1-4k Tags python-rfidiot - Python library to explore RFID devices
kali-linux-sdr
apt-cache depends kali-linux-sdr|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system gnuradio - GNU Radio Software Radio Toolkit chirp - Configuration tool for amateur radios hackrf-tools - Hardware driver and tools for HackRF Jawbreaker kalibrate-rtl - Calculate local oscillator frequency offset using GSM base stations rtlsdr-scanner - Python frequency scanning GUI for the OsmoSDR rtl-sdr library gr-scan - Scans a range of frequencies and prints a list of discovered signals gqrx - Software defined radio receiver powered by GNU Radio multimon-ng - Digital radio transmission decoder uhd-host - universal hardware driver for Ettus Research products uhd-images - Various UHD Images libgnuradio-grextras - Advanced GNU Radio Blocks libgnuradio-baz - gnuradio new functionality blocks libgnuradio-osmosdr - GNU Radio osmosdr block libgnuradio-osmosdr-apps - GNU Radio osmosdr applications libgnuradio-iqbalance - I/Q balancing block
kali-linux-voip
apt-cache depends kali-linux-voip|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system ace-voip - A simple VoIP corporate directory enumeration tool dnmap - Distributed nmap framework enumiax - IAX protocol username enumerator iaxflood - VoIP flooder tool inviteflood - SIP/SDP INVITE message flooding over UDP/IP libfindrtp - Library required by multiple VoIP tools nmap - The Network Mapper ohrwurm - RTP fuzzer pjproject - A multimedia communication library for SIP protos-sip - SIP test suite rtpbreak - Detects, reconstructs, and analyzes RTP sessions rtpflood - Tool to flood any RTP device rtpinsertsound - Inserts audio into a specified stream rtpmixsound - Mixes pre-recorded audio in real-time sctpscan - SCTP network scanner for discovery and security siparmyknife - SIP fuzzing tool sipcrack - SIP login dumper/cracker sipp - Traffic generator for the SIP protocol sipvicious - Tools for auditing SIP based VoIP systems voiphopper - Runs a VLAN hop security test wireshark - network traffic analyzer - GTK+ version
kali-linux-web
apt-cache depends kali-linux-web|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system apache2 - Apache HTTP Server apache2-mpm-event - transitional event MPM package for apache2 apache2-mpm-itk - transitional itk MPM package for apache2 apache2-mpm-prefork - transitional prefork MPM package for apache2 apache2-mpm-worker - transitional worker MPM package for apache2 apache-users - Enumerate usernames on systems with Apache UserDir module arachni - Web Application Security Scanner Framework automater - A IP and URL analysis tool. bbqsql - SQL Injection Exploitation Tool beef-xss - Browser Exploitation Framework (BeEF) blindelephant - A generic web application fingerprinter burpsuite - platform for security testing of web applications cadaver - command-line WebDAV client clusterd - Application server attack toolkit cookie-cadger - Cookie auditing tool for wired and wireless networks cutycapt - utility to capture WebKit's rendering of a web page davtest - Testing tool for WebDAV servers dbpwaudit - Does online password audits of DB engines dirb - URL bruteforcing tool dirbuster - Web server directory brute-forcer dnmap - Distributed nmap framework dotdotpwn - DotDotPwn - The Directory Traversal Fuzzer. eyewitness - Rapid web application triage tool fimap - LFI and RFI exploitation tool ftester - The Firewall Tester (FTester) is a tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. funkload - web testing tool golismero - Web application mapper grabber - Web application vulnerability scanner hamster-sidejack - Sidejacking tool hexorbase - Multiple database management and audit application http-tunnel - Tunneling software to tunnel through restrictive HTTP proxies httprint - Web server fingerprinting tool hydra - very fast network logon cracker hydra-gtk - very fast network logon cracker - GTK+ based GUI ikat - Interactive Kiosk Attack Tool inundator - Multi-threaded IDS false positive generator jboss-autopwn - JBoss script for obtaining remote shell access jd-gui - GUI Java .class decompiler joomscan - OWASP Joomla Vulnerability Scanner Project jsql - Java tool for automatic database injection laudanum - Collection of injectable web files lbd - Load balancer detector maltego - Open source intelligence and forensics application maltego-teeth - Set of offensive Maltego transforms medusa - fast, parallel, modular, login brute-forcer for network services mitmproxy - SSL-capable man-in-the-middle HTTP proxy mysql-server - MySQL database server (metapackage depending on the latest version) ncrack - High-speed network authentication cracking tool nikto - web server security scanner nmap - The Network Mapper oscanner - Oracle assessment framework owasp-mantra-ff - Web application security testing framework built on top of Firefox padbuster - Script for performing Padding Oracle attacks paros - Web application proxy patator - Multi-purpose brute-forcer php5 - server-side, HTML-embedded scripting language (metapackage) php5-mysql - MySQL module for php5 plecost - Wordpress fingerprinting tool powerfuzzer - Highly automated and fully customizable web fuzzer proxychains - proxy chains - redirect connections through proxy servers proxystrike - Active web application proxy proxytunnel - Create tcp tunnels trough HTTPS proxies, for using with SSH ratproxy - passive web application security assessment tool recon-ng - Web Reconnaissance framework written in Python redsocks - arbitrary TCP connection redirector to a SOCKS or HTTPS proxy server sidguesser - Guesses sids against an Oracle database siege - HTTP regression testing and benchmarking utility skipfish - fully automated, active web application security reconnaissance tool sqldict - Dictionary attack tool for SQL Server sqlitebrowser - GUI editor for SQLite databases sqlmap - automatic SQL injection tool sqlninja - SQL server injection and takeover tool sqlsus - MySQL injection tool sslcaudit - Tests SSL/TLS clients susceptibility to MITM attacks ssldump - An SSLv3/TLS network protocol analyzer sslh - ssl/ssh multiplexer sslscan - Fast SSL scanner sslsniff - SSL/TLS man-in-the-middle attack tool sslstrip - SSL/TLS man-in-the-middle attack tool sslsplit - Transparent and scalable SSL/TLS interception sslyze - Fast and full-featured SSL scanner stunnel4 - Universal SSL tunnel for network daemons thc-ssl-dos - Stress tester for the SSL handshake tlssled - Evaluates the security of a target SSL/TLS (HTTPS) server tnscmd10g - Tool to prod the oracle tnslsnr process ua-tester - User agent string tester uniscan - LFI, RFI, and RCE vulnerability scanner vega - Platform to test the security of web applications waffit - WAF auditing tool wapiti - web application vulnerability scanner webacoo - Web backdoor cookie script kit webhandler - Bash simulator to control a server using PHP system functions webscarab - Web application review tool webshag - Multi-threaded web server audit tool webshells - Collection of webshells webslayer - Web application bruteforcer websploit - Web exploitation framework weevely - Stealth tiny web shell wfuzz - Web application bruteforcer whatweb - Next generation web scanner wireshark - network traffic analyzer - GTK+ version wpscan - Black box WordPress vulnerability scanner xsser - XSS testing framework zaproxy - Testing tool for finding vulnerabilities in web applications.
kali-linux-wireless
apt-cache depends kali-linux-wireless|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-sdr - Kali Linux SDR tools aircrack-ng - wireless WEP/WPA cracking utilities pyrit - GPGPU-driven WPA/WPA2-PSK key cracker asleap - A tool for exploiting Cisco LEAP networks bluelog - Bluetooth scanner and logger bluemaho - GUI interface for testing Bluetooth devices bluepot - Bluetooth honeypot blueranger - Simple Bash script to locate Bluetooth devices bluesnarfer - A Bluesnarfing Utility bluez - Bluetooth tools and daemons bluez-hcidump - Analyses Bluetooth HCI packets btscanner - ncurses-based scanner for Bluetooth devices bully - Bully is a new implementation of the WPS brute force attack, written in C. cowpatty - Brute-force WPA dictionary attack crackle - Crack and decrypt BLE encryption eapmd5pass - Tool for extracting and cracking EAP-MD5 fern-wifi-cracker - Automated wifi cracker giskismet - Wireless recon visualization tool iw - tool for configuring Linux wireless devices killerbee - Framwork for ZigBee exploitation kismet - wireless sniffer and monitor - core libfreefare-bin - MIFARE card manipulations binaries libnfc-bin - Near Field Communication (NFC) binaries macchanger - utility for manipulating the MAC address of network interfaces mdk3 - Wireless attack tool for IEEE 802.11 networks mfcuk - MFCUK - MiFare Classic Universal toolKit mfoc - MIFARE Classic offline cracker mfterm - Terminal for working with Mifare Classic 1-4k Tags oclhashcat - GPU password cracker python-rfidiot - Python library to explore RFID devices reaver - brute force attack tool against Wifi Protected Setup PIN number redfang - Locates non-discoverable bluetooth devices rfcat - The swiss army knife of sub-GHz radio. rfkill - tool for enabling and disabling wireless devices sakis3g - Tool for establishing 3G connections spectools - Utilities for using the Wi-Spy USB spectrum analyzer hardware spooftooph - Automates spoofing or cloning Bluetooth devices ubertooth - An open source 2.4 GHz wireless development platform. wifi-honey - Wi-Fi honeypot wifitap - WiFi injection via a tun/tap device wifite - Python script to automate wireless auditing using aircrack-ng tools wireshark - network traffic analyzer - GTK+ version
kali-linux-full
apt-cache depends kali-linux-full|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-sdr - Kali Linux SDR tools 0trace - A traceroute tool that can run within an existing TCP connection. acccheck - Password dictionary attack tool for SMB ace-voip - A simple VoIP corporate directory enumeration tool afflib-tools - support for Advanced Forensics format (utilities) aircrack-ng - wireless WEP/WPA cracking utilities amap - next-generation scanning tool for pentesters apache-users - Enumerate usernames on systems with Apache UserDir module apktool - A tool for reverse engineering Android apk files arduino - AVR development board IDE and built-in libraries arping - sends IP and/or ARP pings (to the MAC address) arpwatch - Ethernet/FDDI station activity monitor arp-scan - arp scanning and fingerprinting tool asleap - A tool for exploiting Cisco LEAP networks automater - A IP and URL analysis tool. autopsy - graphical interface to SleuthKit bbqsql - SQL Injection Exploitation Tool bed - A network protocol fuzzer beef-xss - Browser Exploitation Framework (BeEF) binwalk - tool for searching binary images for embedded files and executable code blindelephant - A generic web application fingerprinter bluelog - Bluetooth scanner and logger bluemaho - GUI interface for testing Bluetooth devices bluepot - Bluetooth honeypot blueranger - Simple Bash script to locate Bluetooth devices bluesnarfer - A Bluesnarfing Utility bluez - Bluetooth tools and daemons bluez-hcidump - Analyses Bluetooth HCI packets braa - Mass SNMP scanner btscanner - ncurses-based scanner for Bluetooth devices bully - Bully is a new implementation of the WPS brute force attack, written in C. bulk-extractor - Extracts information without parsing filesystem burpsuite - platform for security testing of web applications cabextract - Microsoft Cabinet file unpacker cadaver - command-line WebDAV client casefile - Offline intelligence tool cdpsnarf - Network sniffer to extract CDP information cewl - Custom wordlist generator cgpt - GPT manipulation tool with support for Chromium OS extensions chirp - Configuration tool for amateur radios chkrootkit - rootkit detector chntpw - NT SAM password recovery utility cisco-auditing-tool - Scans Cisco routers for vulnerabilities cisco-global-exploiter - Simple and fast Cisco exploitation tool cisco-ocs - Mass Cisco scanner cisco-torch - Cisco device scanner clang - C, C++ and Objective-C compiler (LLVM based) cmospwd - decrypt BIOS passwords from CMOS copy-router-config - Copies Cisco configs via SNMP cowpatty - Brute-force WPA dictionary attack creddump - Extracts credentials from Windows registry hives creepy - geolocation information aggregator cryptsetup - disk encryption support - startup scripts crunch - Password wordlist generator cryptcat - A lightweight version netcat extended with twofish encryption curlftpfs - filesystem to access FTP hosts based on FUSE and cURL cutycapt - utility to capture WebKit's rendering of a web page cymothoa - Stealth backdooring tool darkstat - network traffic analyzer davtest - Testing tool for WebDAV servers dbd - Netcat clone with encryption dbpwaudit - Does online password audits of DB engines dc3dd - patched version of GNU dd with forensic features dcfldd - enhanced version of dd for forensics and security ddrescue - Copies data from one file or block device to another. deblaze - Performs testing against flash remoting endpoints dex2jar - Tools to work with android .dex and java .class files dff - Powerful, efficient and modular digital forensic framework dhcpig - DHCP exhaustion script dirb - URL bruteforcing tool dirbuster - Web server directory brute-forcer dissy - graphical frontend for objdump dmitry - Deepmagic Information Gathering Tool dnmap - Distributed nmap framework dns2tcp - TCP over DNS tunnel client and server dnschef - DNS proxy for penetration testers dnsenum - Tool to enumerate domain DNS information dnsmap - DNS domain name brute forcing tool dnsrecon - A powerful DNS enumeration script dnstracer - trace DNS queries to the source dnswalk - Checks dns zone information using nameserver lookups dos2unix - convert text file line endings between CRLF and LF dotdotpwn - DotDotPwn - The Directory Traversal Fuzzer. dradis - Collaboration tools for penetration testing driftnet - picks out and displays images from network traffic dsniff - Various tools to sniff network traffic for cleartext insecurities dumpzilla - Mozilla browser forensic tool eapmd5pass - Tool for extracting and cracking EAP-MD5 edb-debugger - Linux equivalent of OllyDbg enum4linux - Enumerates info from Windows and Samba systems enumiax - IAX protocol username enumerator ethtool - display or change Ethernet device settings ettercap-graphical - Ettercap GUI-enabled executable ewf-tools - collection of tools for reading and writing EWF files exiv2 - EXIF/IPTC metadata manipulation tool exploitdb - Searchable Exploit Database archive extundelete - utility to recover deleted files from ext3/ext4 partition fcrackzip - password cracker for zip archives fern-wifi-cracker - Automated wifi cracker fierce - Domain DNS scanner fiked - Cisco VPN attack tool fimap - LFI and RFI exploitation tool findmyhash - Crack hashes with online services flasm - assembler and disassembler for Flash (SWF) bytecode foremost - forensic program to recover lost files fping - sends ICMP ECHO_REQUEST packets to network hosts fragroute - Test a NIDS by attempting to evade using fragmented packets fragrouter - IDS evasion toolkit framework2 - Metasploit Framework 2 ftester - The Firewall Tester (FTester) is a tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. funkload - web testing tool galleta - An Internet Explorer cookie forensic analysis tool gdb - GNU Debugger ghost-phisher - GUI suite for phishing and penetration attacks giskismet - Wireless recon visualization tool golismero - Web application mapper goofile - Command line filetype search gpp-decrypt - Group Policy Preferences decrypter grabber - Web application vulnerability scanner guymager - Forensic imaging tool based on Qt hackrf-tools - Hardware driver and tools for HackRF Jawbreaker hamster-sidejack - Sidejacking tool hash-identifier - Tool to identify hash types hashcat - World’s fastest CPU-based password recovery tool hashcat-utils - Set of small utilities for advanced password cracking hexinject - Versatile packet injector and sniffer hexorbase - Multiple database management and audit application hotpatch - Hot patches Linux executables with .so file injection hping3 - Active Network Smashing Tool hydra - very fast network logon cracker hydra-gtk - very fast network logon cracker - GTK+ based GUI i2c-tools - heterogeneous set of I2C tools for Linux iaxflood - VoIP flooder tool ifenslave - configure network interfaces for parallel routing (bonding) ifenslave-2.6 - Attach and detach slave interfaces to a bonding device ikat - Interactive Kiosk Attack Tool ike-scan - discover and fingerprint IKE hosts (IPsec VPN Servers) inetsim - Software suite for simulating common internet services intersect - Post-exploitation framework intrace - Traceroute-like application piggybacking on existing TCP connections inundator - Multi-threaded IDS false positive generator inviteflood - SIP/SDP INVITE message flooding over UDP/IP iodine - tool for tunneling IPv4 data through a DNS server irpas - Internetwork Routing Protocol Attack Suite isr-evilgrade - Evilgrade framework jad - Java decompiler javasnoop - Intercept Java applications locally jboss-autopwn - JBoss script for obtaining remote shell access john - active password cracking tool johnny - GUI for John the Ripper joomscan - OWASP Joomla Vulnerability Scanner Project jsql - Java tool for automatic database injection keepnote - cross-platform note-taking and organization application keimpx - Check for valid credentials across a network over SMB killerbee - Framwork for ZigBee exploitation kismet - wireless sniffer and monitor - core laudanum - Collection of injectable web files lbd - Load balancer detector leafpad - GTK+ based simple text editor libcrafter - Library to generate and sniff network packets libewf1 - library with support for Expert Witness Compression Format libfindrtp - Library required by multiple VoIP tools libfreefare-bin - MIFARE card manipulations binaries libhivex-bin - utilities for reading and writing Windows Registry hives libnfc-bin - Near Field Communication (NFC) binaries lynis - security auditing tool for Unix based systems macchanger - utility for manipulating the MAC address of network interfaces magicrescue - recovers files by looking for magic bytes magictree - Penetration tester productivity tool maltego - Open source intelligence and forensics application maltego-teeth - Set of offensive Maltego transforms maskprocessor - High-performance word generator mc - Midnight Commander - a powerful file manager md5deep - Recursively compute hashsums or piecewise hashings mdbtools - JET / MS Access database (MDB) tools mdk3 - Wireless attack tool for IEEE 802.11 networks medusa - fast, parallel, modular, login brute-forcer for network services memdump - utility to dump memory contents to standard output metagoofil - Tool designed for extracting metadata of public documents metasploit - Penetration testing and exploit development tool with web-based interface metasploit-framework - Framework for exploit development and vulnerability research armitage - Cyber attack management for Metasploit mfcuk - MFCUK - MiFare Classic Universal toolKit mfoc - MIFARE Classic offline cracker mfterm - Terminal for working with Mifare Classic 1-4k Tags mimikatz - Uses admin rights on Windows to display passwords in plaintext minicom - friendly menu driven serial communication program miranda - UPNP administration tool miredo - Teredo IPv6 tunneling through NATs missidentify - a program to find win32 applications mitmproxy - SSL-capable man-in-the-middle HTTP proxy multiforcer - GPU accelerated password cracking tool multimac - Create multiple MACs on an adapter nasm - General-purpose x86 assembler nbtscan - A program for scanning networks for NetBIOS name information ncat-w32 - Netcat for the 21st century ncrack - High-speed network authentication cracking tool ncurses-hexedit - Edit files/disks in hex, ASCII and EBCDIC netdiscover - active/passive network address scanner using arp requests netmask - helps determine network masks netsed - network packet-altering stream editor netsniff-ng - packet sniffing beast netwag - graphical frontend for netwox nfspy - ID-spoofing NFS client ngrep - grep for network traffic nikto - web server security scanner nipper-ng - Device security configuration review tool nmap - The Network Mapper ohrwurm - RTP fuzzer ollydbg - 32-bit assembler level analysing debugger onesixtyone - fast and simple SNMP scanner openvas - Openvas dummy package. ophcrack - Microsoft Windows password cracker using rainbow tables (gui) ophcrack-cli - Microsoft Windows password cracker using rainbow tables (cmdline) oscanner - Oracle assessment framework p0f - Passive OS fingerprinting tool pack - Password analysis and cracking kit padbuster - Script for performing Padding Oracle attacks paros - Web application proxy pasco - An Internet Explorer cache forensic analysis tool passing-the-hash - Patched tools to use password hashes as authentication input patator - Multi-purpose brute-forcer pdfid - Scans PDF files for certain PDF keywords pdf-parser - Parses PDF files to identify fundamental elements pdgmail - Extracts gmail artifacts from a pd dump peepdf - PDF analysis tool perl-cisco-copyconfig - Provides methods for manipulating Cisco devices pev - text-based tool to analyze PE files phrasendrescher - Passphrase cracking tool pipal - Statistical analysis on password dumps pjproject - A multimedia communication library for SIP plecost - Wordpress fingerprinting tool polenum - Extracts the password policy from a Windows system powerfuzzer - Highly automated and fully customizable web fuzzer powersploit - PowerShell Post-Exploitation Framework protos-sip - SIP test suite proxychains - proxy chains - redirect connections through proxy servers proxystrike - Active web application proxy proxytunnel - Create tcp tunnels trough HTTPS proxies, for using with SSH ptunnel - Tunnel TCP connections over ICMP packets pwnat - NAT to NAT client-server communication pyrit - GPGPU-driven WPA/WPA2-PSK key cracker python-impacket - Python module to easily build and dissect network protocols python-impacket-doc - Python module to easily build and dissect network protocols python-rfidiot - Python library to explore RFID devices python-scapy - Packet generator/sniffer and network scanner/discovery rainbowcrack - Rainbow table password cracker radare2 - free and advanced command line hexadecimal editor rake - ruby make-like utility ratproxy - passive web application security assessment tool rcracki-mt - Version of rcrack that supports hybrid and indexed tables rdd - a forensic copy program readpst - Converts Outlook PST files to mbox and others reaver - brute force attack tool against Wifi Protected Setup PIN number rebind - DNS rebinding tool recon-ng - Web Reconnaissance framework written in Python recordmydesktop - Captures audio-video data of a Linux desktop session recoverjpeg - tool to recover JPEG images from a filesystem image redfang - Locates non-discoverable bluetooth devices redsocks - arbitrary TCP connection redirector to a SOCKS or HTTPS proxy server reglookup - utility to read and query Windows NT/2000/XP registry regripper - Windows registry forensics tool responder - NBT-NS/LLMNR Responder rifiuti - A MS Windows recycle bin analysis tool rifiuti2 - A MS Windows recycle bin analysis tool rsmangler - Wordlist mangling tool rtpbreak - Detects, reconstructs, and analyzes RTP sessions rtpflood - Tool to flood any RTP device rtpinsertsound - Inserts audio into a specified stream rtpmixsound - Mixes pre-recorded audio in real-time safecopy - Copy utility ignoring errors sakis3g - Tool for establishing 3G connections samdump2 - Dump Windows 2k/NT/XP password hashes sbd - Secure backdoor for linux and windows scalpel - A Frugal, High Performance File Carver scrounge-ntfs - Data recovery program for NTFS filesystems sctpscan - SCTP network scanner for discovery and security sendemail - lightweight, command line SMTP email client set - Social-Engineer Toolkit sfuzz - Black Box testing utilities sidguesser - Guesses sids against an Oracle database siege - HTTP regression testing and benchmarking utility siparmyknife - SIP fuzzing tool sipcrack - SIP login dumper/cracker sipp - Traffic generator for the SIP protocol sipvicious - Tools for auditing SIP based VoIP systems skipfish - fully automated, active web application security reconnaissance tool sleuthkit - collection of tools for forensics analysis on volume and file system data smali - Assembler/disassembler for Android's dex format smtp-user-enum - Username guessing tool primarily for the SMTP service. sniffjoke - Transparent TCP connection scrambler snmpcheck - SNMP service enumeration tool socat - multipurpose relay for bidirectional data transfer spectools - Utilities for using the Wi-Spy USB spectrum analyzer hardware spidermonkey-bin - standalone JavaScript/ECMAScript (ECMA-262) interpreter spike - Network protocol fuzzer spooftooph - Automates spoofing or cloning Bluetooth devices sqldict - Dictionary attack tool for SQL Server sqlitebrowser - GUI editor for SQLite databases sqlmap - automatic SQL injection tool sqlninja - SQL server injection and takeover tool sqlsus - MySQL injection tool sslcaudit - Tests SSL/TLS clients susceptibility to MITM attacks ssldump - An SSLv3/TLS network protocol analyzer sslh - ssl/ssh multiplexer sslscan - Fast SSL scanner sslsniff - SSL/TLS man-in-the-middle attack tool sslstrip - SSL/TLS man-in-the-middle attack tool sslsplit - Transparent and scalable SSL/TLS interception sslyze - Fast and full-featured SSL scanner statsprocessor - High-performance word-generator stunnel4 - Universal SSL tunnel for network daemons suckless-tools - simple commands for minimalistic window managers sucrack - multithreaded su bruteforcer swaks - SMTP command-line test tool t50 - Multi-protocol packet injector tool tcpflow - TCP flow recorder tcpick - TCP stream sniffer and connection tracker tcpreplay - Tool to replay saved tcpdump files at arbitrary speeds termineter - Smart meter testing framework tftpd32 - Open source ipv6-ready TFTP server for Windows thc-ipv6 - The Hacker Choice's IPv6 Attack Toolkit thc-pptp-bruter - THC PPTP Brute Force thc-ssl-dos - Stress tester for the SSL handshake theharvester - theHarvester is a tool for gathering e-mail accounts and subdomain names from public sources. tlssled - Evaluates the security of a target SSL/TLS (HTTPS) server tnscmd10g - Tool to prod the oracle tnslsnr process truecrack - Bruteforce password cracker for TrueCrypt volumes. truecrypt - Cross-platform on-the-fly encryption twofi - Twitter words of interest u3-pwn - Injects executables onto U3 USB devices ua-tester - User agent string tester udptunnel - tunnel UDP packets over a TCP connection unetbootin - installer of Linux/BSD distributions to a partition or USB drive uniscan - LFI, RFI, and RCE vulnerability scanner unicornscan - Userland distributed TCP/IP stack unix-privesc-check - Script to check for simple privilege escalation vectors urlcrazy - Domain typo generator vboot-kernel-utils - Chrome OS verified boot utils required to sign kernels vboot-utils - Chrome OS verified boot utils vega - Platform to test the security of web applications vim-gtk - Vi IMproved - enhanced vi editor - with GTK2 GUI vinetto - A forensics tool to examine Thumbs.db files vlan - user mode programs to enable VLANs on your ethernet devices voiphopper - Runs a VLAN hop security test volafox - Memory analyzer for Mac OS X & BSD volatility - advanced memory forensics framework vpnc - Cisco-compatible VPN client w3af - framework to find and exploit web application vulnerabilities waffit - WAF auditing tool wapiti - web application vulnerability scanner wce - Windows Credentials Editor webacoo - Web backdoor cookie script kit webscarab - Web application review tool webshag - Multi-threaded web server audit tool webshells - Collection of webshells webslayer - Web application bruteforcer websploit - Web exploitation framework weevely - Stealth tiny web shell winexe - Remote Windows-command executor wfuzz - Web application bruteforcer whatweb - Next generation web scanner wifi-honey - Wi-Fi honeypot wifitap - WiFi injection via a tun/tap device wifite - Python script to automate wireless auditing using aircrack-ng tools windows-binaries - Various pentesting Windows binaries wireshark - network traffic analyzer - GTK+ version wol-e - Wake on LAN Explorer wordlists - Contains the rockyou wordlist wpscan - Black box WordPress vulnerability scanner wvdial - intelligent Point-to-Point Protocol dialer xpdf - Portable Document Format (PDF) reader xprobe - Remote OS identification xspy - X server sniffer xsser - XSS testing framework xtightvncviewer - virtual network computing client software for X yersinia - Network vulnerabilities check software zaproxy - Testing tool for finding vulnerabilities in web applications. zenmap - The Network Mapper Front End zim - graphical text editor based on wiki technologies