🛠️Pentesting Tools Cheat Sheet

Master essential penetration testing tools. Quick reference cheat sheet for network scanning, exploitation, web testing, and more.

A quick reference guide to essential penetration testing tools and their use cases.

Information Gathering

Tool

Description

nmap

Network scanning and host discovery

whois

Domain and IP information lookup

dnsenum

DNS enumeration

theHarvester

Email and subdomain harvesting

Scanning and Enumeration

Tool

Description

enum4linux

Windows SMB enumeration

nbtscan

NetBIOS scanner

nikto

Web server vulnerability scanner

enum4linux

SMB/CIFS enumeration tool

Exploitation

Tool

Description

Metasploit

Framework for developing, testing exploits

sqlmap

SQL injection automation tool

hydra

Brute-force and dictionary attack tool

searchsploit

Exploit database search and download

Post-Exploitation

Tool

Description

Mimikatz

Windows credentials extraction

PowerShell Empire

Post-exploitation framework

Linux Privilege Escalation Check

Linux privilege escalation scanner

Veil Framework

Generate undetectable payloads

Wireless Hacking

Tool

Description

aircrack-ng

Wireless network auditing tool

Kismet

Wireless network detection and analysis

Reaver

WPS-enabled router attack tool

Web Application Testing

Tool

Description

Burp Suite

Web vulnerability scanner and proxy

OWASP Zap

Web application security scanner

wpscan

WordPress vulnerability scanner

sqlmap

Automated SQL injection tool

Reporting and Documentation

Tool

Description

Dradis

Collaborative reporting tool

KeepNote

Note-taking application for pen testers

Note: Always use penetration testing tools responsibly and only on systems you have permission to test.

PreviousLinux Terminal Cheat Sheet NextNmap Cheat Sheet

Last updated 1 year ago

Was this helpful?