search
Hack The Box - Reports

🛠️Pentesting Tools Cheat Sheet

Master essential penetration testing tools. Quick reference cheat sheet for network scanning, exploitation, web testing, and more.

A quick reference guide to essential penetration testing tools and their use cases.

hashtag
Information Gathering

Tool
Description

nmap

Network scanning and host discovery

whois

Domain and IP information lookup

dnsenum

DNS enumeration

theHarvester

Email and subdomain harvesting

hashtag
Scanning and Enumeration

Tool
Description

enum4linux

Windows SMB enumeration

nbtscan

NetBIOS scanner

nikto

Web server vulnerability scanner

enum4linux

SMB/CIFS enumeration tool

hashtag
Exploitation

Tool
Description

Metasploit

Framework for developing, testing exploits

sqlmap

SQL injection automation tool

hydra

Brute-force and dictionary attack tool

searchsploit

Exploit database search and download

hashtag
Post-Exploitation

Tool
Description

Mimikatz

Windows credentials extraction

PowerShell Empire

Post-exploitation framework

Linux Privilege Escalation Check

Linux privilege escalation scanner

Veil Framework

Generate undetectable payloads

hashtag
Wireless Hacking

Tool
Description

aircrack-ng

Wireless network auditing tool

Kismet

Wireless network detection and analysis

Reaver

WPS-enabled router attack tool

hashtag
Web Application Testing

Tool
Description

Burp Suite

Web vulnerability scanner and proxy

OWASP Zap

Web application security scanner

wpscan

WordPress vulnerability scanner

sqlmap

Automated SQL injection tool

hashtag
Reporting and Documentation

Tool
Description

Dradis

Collaborative reporting tool

KeepNote

Note-taking application for pen testers

hashtag
Note: Always use penetration testing tools responsibly and only on systems you have permission to test.

PreviousLinux Terminal Cheat SheetNextNmap Cheat Sheet

Last updated