# Pentesting Tools Cheat Sheet

A quick reference guide to essential penetration testing tools and their use cases.

## Information Gathering

| Tool           | Description                         |
| -------------- | ----------------------------------- |
| `nmap`         | Network scanning and host discovery |
| `whois`        | Domain and IP information lookup    |
| `dnsenum`      | DNS enumeration                     |
| `theHarvester` | Email and subdomain harvesting      |

## Scanning and Enumeration

| Tool         | Description                      |
| ------------ | -------------------------------- |
| `enum4linux` | Windows SMB/CIFS enumeration     |
| `nbtscan`    | NetBIOS scanner                  |
| `nikto`      | Web server vulnerability scanner |

## Exploitation

| Tool           | Description                                   |
| -------------- | --------------------------------------------- |
| `Metasploit`   | Framework for developing and testing exploits |
| `sqlmap`       | SQL injection automation tool                 |
| `hydra`        | Brute-force and dictionary attack tool        |
| `searchsploit` | Exploit database search and download          |

## Post-Exploitation

| Tool                               | Description                        |
| ---------------------------------- | ---------------------------------- |
| `Mimikatz`                         | Windows credentials extraction     |
| `PowerShell Empire`                | Post-exploitation framework        |
| `Linux Privilege Escalation Check` | Linux privilege escalation scanner |
| `Veil Framework`                   | Generate AV-evasion payloads       |

## Wireless Hacking

| Tool          | Description                             |
| ------------- | --------------------------------------- |
| `aircrack-ng` | Wireless network auditing tool          |
| `Kismet`      | Wireless network detection and analysis |
| `Reaver`      | WPS-enabled router attack tool          |

## Web Application Testing

| Tool         | Description                         |
| ------------ | ----------------------------------- |
| `Burp Suite` | Web vulnerability scanner and proxy |
| `OWASP ZAP`  | Web application security scanner    |
| `wpscan`     | WordPress vulnerability scanner     |
| `sqlmap`     | Automated SQL injection tool        |

## Reporting and Documentation

| Tool       | Description                             |
| ---------- | --------------------------------------- |
| `Dradis`   | Collaborative reporting tool            |
| `KeepNote` | Note-taking application for pen testers |

Note: Always use penetration testing tools responsibly and only on systems you have permission to test.

