- Metasploit Unleashed - Free Offensive Security metasploit course
- PTES - Penetration Testing Execution Standard
- OWASP - Open Web Application Security Project
- Kali - A Linux distribution designed for digital forensics and penetration testing
- BlackArch - Arch Linux-based distribution for penetration testers and security researchers
- Metasploit Framework - World's most used penetration testing software
- Burp Suite - An integrated platform for performing security testing of web applications
- ExploitPack - Graphical tool for penetration testing with a bunch of exploits
- Netsparker - Web Application Security Scanner
- Nexpose - Vulnerability Management & Risk Management Software
- Nessus - Vulnerability, configuration, and compliance assessment
- Nikto - Web application vulnerability scanner
- OpenVAS - Open Source vulnerability scanner and manager
- OWASP Zed Attack Proxy - Penetration testing tool for web applications
- Secapps - Integrated web application security testing environment
- w3af - Web application attack and audit framework
- Wapiti - Web application vulnerability scanner
- WebReaver - Web application vulnerability scanner for Mac OS X
- nmap - Free Security Scanner For Network Exploration & Security Audits
- tcpdump/libpcap - A common packet analyzer that runs under the command line
- Wireshark - A network protocol analyzer for Unix and Windows
- Network Tools - Different network tools: ping, lookup, whois, etc
- netsniff-ng - A Swiss army knife for for network sniffing
- Aircrack-ng - a set of tools for auditing wireless network
- Kismet - Wireless network detector, sniffer, and IDS
- Reaver - Brute force attack against Wifi Protected Setup
- AirCrack - Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program.
- John the Ripper - Fast password cracker
- Lophcrack - Hash extraction from 64 bit Windows, multiprocessor algorithms, network monitoring and decoding.
- Online MD5 cracker - Online MD5 hash Cracker
- Sysinternals Suite - The Sysinternals Troubleshooting Utilities
- Windows Credentials Editor - security tool to list logon sessions and add, change, list and delete associated credentials
- mimikatz - Credentials extraction tool for Windows OS
- LOIC - An open source network stress tool for Windows
- JS LOIC - JavaScript in-browser version of LOIC
- Maltego - Proprietary software for open source intelligence and forensics, from Paterva.
- Tor - The free software for enabling onion routing online anonymity
- I2P - The Invisible Internet Project
- NVD - US National Vulnerability Database
- CERT - US Computer Emergency Readiness Team
- OSVDB - Open Sourced Vulnerability Database
- Bugtraq - Symantec SecurityFocus
- Exploit-DB - Offensive Security Exploit Database
- Fulldisclosure - Full Disclosure Mailing List
- MS Bulletin - Microsoft Security Bulletin
- MS Advisory - Microsoft Security Advisories
- Inj3ct0r - Inj3ct0r Exploit Database
- Packet Storm - Packet Storm Global Security Resource
- SecuriTeam - Securiteam Vulnerability Information
- CXSecurity - CSSecurity Bugtraq List
- Vulnerability Laboratory - Vulnerability Research Laboratory
- ZDI - Zero Day Initiative
- Offensive Security Training - Training from BackTrack/Kali developers
- SANS Security Training - Computer Security Training & Certification
- Open Security Training - Training material for computer security classes
- Black Hat - An annual security conference in Las Vegas
- BSides - A framework for organising and holding security conferences
- DEF CON - An annual hacker convention in Las Vegas
- DerbyCon - An annual hacker conference based in Louisville
- PhreakNIC - A technology conference held annually in middle Tennessee
- SkyDogCon - A technology conference in Nashville, TN
- ShmooCon - An annual US east coast hacker convention
- ThotCon - An annual US hacker conference held in Chicago
Your contributions and suggestions are welcomed!
This work is licensed under a Creative Commons Attribution 4.0 International License