TruffleHog - searches through git repositories to find secrets like API keys and passwords by detecting high-entropy strings. It's particularly useful in CI/CD pipelines or during source code audits. Compared to GitLeaks, it offers deeper scanning but may have more false positives.

BloodHound - maps and visualizes Active Directory permissions and relationships to discover attack paths. It helps pentesters identify privilege escalation opportunities. Compared to ADExplorer, BloodHound is more attacker-focused and automated in its analysis.

Tenable Nessus - commercial vulnerability scanner known for its accuracy and comprehensive plugin library. It's widely used in enterprises for internal and external scans. Compared to OpenVAS, Nessus offers better UI and support but requires a license.

PowerSploit - collection of PowerShell scripts designed for post-exploitation tasks like memory dumping, credential harvesting, and privilege escalation. While Empire incorporates similar features, PowerSploit is more modular and scriptable.

Grype - vulnerability scanner for container images and filesystems. It integrates well into DevOps pipelines to scan for known issues in Docker or OCI images. Compared to Trivy, Grype provides broader SBOM support but slightly less speed.

Trivy - fast and user-friendly tool for scanning container images for vulnerabilities, misconfigurations, and secrets, also in Kubernetes clusters, with SBOM support for vulnerabilities. It's highly efficient for use in CI/CD environments. Trivy is often preferred over Grype for speed, though it may lack some advanced reporting features.

Kube-hunter - used to discover vulnerabilities in Kubernetes clusters. It simulates attacks to assess cluster security posture. Compared to kube-bench (which checks configurations), kube-hunter actively probes for exposed services and misconfigurations.

Metasploit - powerful exploitation framework that allows for exploit development, payload generation, and post-exploitation actions. It's often the go-to tool for exploitation in penetration testing. Compared to msfvenom, which just generates payloads, Metasploit handles the full attack lifecycle.

Netcat - simple but effective tool for reading and writing data across network connections. It's commonly used for banner grabbing, reverse shells, and port scanning. Unlike Nmap, which scans for services, Netcat is more manual and lightweight.

Impacket - Python library for crafting custom packets and implementing protocols like SMB, Kerberos, and NTLM. It's used in lateral movement and credential attacks. Compared to Metasploit, Impacket provides more protocol-specific scripting capabilities.

CrackMapExec - post-exploitation tool for Active Directory networks. It automates the enumeration of shares and credentials and executes commands. While Impacket allows fine control over protocol interactions, CME simplifies these tasks with a batch-friendly interface.

msfvenom - used to generate shellcode and payloads for exploitation, often to be used in Metasploit. Unlike Metasploit, which is interactive, msfvenom is purely for payload creation.

Responder - tool for LLMNR and NBT-NS poisoning, used to capture NTLMv2 hashes from misconfigured Windows environments. It often works in tandem with tools like Impacket for relay attacks. Compared to Inveigh (PowerShell-based), Responder is more robust and Linux-native.

Hydra - parallelized login cracker that supports a wide range of protocols. It's used to brute-force login credentials on services like FTP, SSH, and HTTP. Compared to Medusa, Hydra supports more modules and better logging.

hashcat - high-performance password cracker that supports GPU acceleration. It's used for cracking password hashes obtained during pentests. Compared to John the Ripper, hashcat is faster for most modern hashes and better with GPU support.

John the Ripper - fast CPU-based password cracker supporting many hash types. It's ideal for offline password auditing. Compared to hashcat, it's more flexible with custom wordlists and hash formats but slower without GPU acceleration.

Medusa - modular login brute-forcer similar to Hydra, focused on speed and simplicity. While Hydra supports more protocols and modules, Medusa is lighter and effective for quick brute-force attempts.

Burp Suite - integrated platform for web application security testing. It includes tools for intercepting traffic, scanning for vulnerabilities, and manipulating HTTP requests. Compared to OWASP ZAP, Burp Suite is more comprehensive and enterprise-focused.

Mimikatz - post-exploitation tool that allows attackers to extract plaintext passwords, hashes, Kerberos tickets, and more from Windows systems. It's especially powerful for credential dumping after privilege escalation. Compared to tools like Rubeus, Mimikatz covers a broader range of credential attacks beyond Kerberos.

Rubeus - tool for abusing Kerberos in Windows environments. It enables ticket harvesting, pass-the-ticket, and Kerberoasting attacks. Unlike Mimikatz, which covers a wide variety of attacks, Rubeus focuses specifically on manipulating Kerberos tickets.
