Hacking Tools

Hacking Tools

A penetration tester has to rely on automated hacking tools because we are often up against a ticking clock. Real-world hackers (criminals) can spend an infinite amount of time building custom attack vectors and hacking tools to compromise their targets. We often have only 40 hours or less to conduct a thorough assessment of our target environment.  Reliable hacking tools are critical to our success.

Here you can find a collection of useful hacking tools used for penetration testing. These tools were contributed to or written entirely by members of pentestgeek.com. These tools have helped us shave off precious hours during an engagement and also assist in demonstrating value by compromising vulnerable hosts and/or facilitating in the execution of otherwise complex attack vectors.

As always, pentestgeek.com does not condone nor encourage the illegal use of hacking tools to compromise unauthorized targets and/or conduct penetration testing activities against systems without documented consent from an authoritative party. We present these tools freely in an effort to help educate and facilitate the legal practice of ethical hacking and penetration testing for the betterment of enterprise network security.

Pentest Geek Hacking Tools

Pentestgeek Hacking Tools

Tool NameTool Description
SmbexecA rapid psexec style hacking tool with samba that offers various features for common post exploitation needs including hash dumping, payload creation, UAC utilities and many others.
Phishing FrenzyA Ruby-on-Rails web application hacking tool used to manage email phishing campaigns through campaign customizations, reusing templates, and advanced statistical reporting.
Phishing ScriptsVarious phishing scripts/hacking tools that help your phishing campaign including, but not limited to tracking user clicks
CiscobruterA command line hacking tool for brute forcing Cisco SSL VPN’s that don’t use 2-factor authentication
WebshotJust another hacking tool to screenshot web servers. Useful for reporting on large engagements with hundreds of HTTP servers.

Metasploit Hacking Tools

•    http://www.metasploit.com/modules/auxiliary/admin/smb/psexec_ntdsgrab
•    http://metasploit.com/modules/auxiliary/scanner/smb/psexec_loggedin_users
•    http://metasploit.com/modules/auxiliary/admin/smb/psexec_command
•    http://www.metasploit.com/modules/post/windows/gather/netlm_downgrade
•    http://www.metasploit.com/modules/auxiliary/scanner/http/wordpress_pingback_access
•    http://www.metasploit.com/modules/auxiliary/scanner/rdp/ms12_020_check
•    http://www.metasploit.com/modules/post/windows/gather/local_admin_search_enum
•    http://www.metasploit.com/modules/exploit/windows/local/s4u_persistence
•    http://www.metasploit.com/modules/post/windows/gather/credentials/razer_synapse
•    http://www.metasploit.com/modules/post/windows/gather/credentials/spark_im

General Purpose Hacking Tools

Web Hacking Tools

Here are a few of the web hacking tools that we leverage during a typical engagement to identify web application attack vectors as well as to launch targeted web based attack vectors.

Password Hacking Tools

WiFi Hacking Tools

Subscribe to Pentest Geek

Follow Pentest Geek

twitterrssyoutubetwitterrssyoutube

Recent Posts

Penetration Testing

Categories

Metasploit

Web Application Hacking

css.php