🛠️ Pentesting Tools Cheat Sheet
Master essential penetration testing tools. Quick reference cheat sheet for network scanning, exploitation, web testing, and more.
A quick reference guide to essential penetration testing tools and their use cases.
Information Gathering
nmap
Network scanning and host discovery
whois
Domain and IP information lookup
dnsenum
DNS enumeration
theHarvester
Email and subdomain harvesting
Scanning and Enumeration
enum4linux
Windows SMB enumeration
nbtscan
NetBIOS scanner
nikto
Web server vulnerability scanner
enum4linux
SMB/CIFS enumeration tool
Exploitation
Metasploit
Framework for developing and testing exploits
sqlmap
SQL injection automation tool
hydra
Brute-force and dictionary attack tool
searchsploit
Exploit database search and download
Post-Exploitation
Mimikatz
Windows credentials extraction
PowerShell Empire
Post-exploitation framework
Linux Privilege Escalation Check
Linux privilege escalation scanner
Veil Framework
Generate undetectable payloads
Wireless Hacking
aircrack-ng
Wireless network auditing tool
Kismet
Wireless network detection and analysis
Reaver
WPS-enabled router attack tool
Web Application Testing
Burp Suite
Web vulnerability scanner and proxy
OWASP ZAP
Web application security scanner
wpscan
WordPress vulnerability scanner
sqlmap
Automated SQL injection tool
Reporting and Documentation
Dradis
Collaborative reporting tool
KeepNote
Note-taking application for pen testers
Note: Always use penetration testing tools responsibly and only on systems you have permission to test.