Pentesting Toolset

This is a list of our toolset that we recommend for running pentests. You know or you want to know something else? Ask us!

Helper Tools

For this	We use
Pentest Reporting	SysReptor
Screenshots	Flameshot
Note Taking	SysReptor
Diagrams	Excalidraw (also available in SysReptor)

Pentests in General

For this	We use
Encoding/Decoding	CyberChef (also available in SysReptor)
Data Leak Lookup	SysLeaks, Kaduu, HIBP
PW Cracking	hashcat, Hashtopolis
PW Lists	SysLeaks, Weakpass
Open TCP Ports	portquiz

Web Tests

For this	We use
Web App Testing	Burp Professional
Directory and File Search	dirsearch, gobuster
Web Spider and Endpoint Detection	katana
Web Vuln Scanner	Burp Professional, nuclei
SSL Inspection	sslyze, tls-scanner
SQLi Exploitation	sqlmap
Cookie Cracking	cookiemonster
JWT Tampering	jwt_tool
Secret Discovery	TruffleHog

Burp Plugins

For this	We use
Authorization Testing	Auth Analyzer, Autorize
JWT Testing	JSON Web Tokens, JWT Editor
SAML Testing	SAML Raider
Endpoint Detection via JS	JS Link Finder
Additional Vuln Scans	Active Scan++, Upload Scanner
HTTP Request Smuggling	HTTP Request Smuggler
ViewState Editing	ViewState Editor
Java Platform Scanner	J2EEScan
Pingback Erkennung	Collaborator Everywhere
sqlmap Integration	SQLiPy Sqlmap Integration
IP Restriction Bypass	IP Rotate
WAF Bypass	nowafpls

Active Directory & Windows Tests

We provide some of the following tools precompiled at GitHub.

For this	We use
AD Enumeration	BloodHound, ADRecon, NetExec
AD CS Exploitation	Certify, Certipy
AD Queries	PowerView, SeatBelt
AD Analysis	PingCastle, PurpleKnight
DNS Dump	adidnsdump
Windows Password Extraction	mimikatz, lsassy, pypykatz
Local Credential Extraction	LaZagne
Powershell Runspace	Stracciatella
MachineAccountQuota/DNS Exploitation	Powermad
Kerberos Interactions	Rubeus, Kerbrute
Network Protocol Attacks	Impacket, Responder, Inveigh
Local Privesc	SharpUp, WinPEAS, LinPEAS, Crassus
Local Process Monitoring	Process Monitor
SCCM Credential Gathering	SharpSCCM
RDP MitM	pyrdp
Shadow Credential Exploitation	Whisker
WSUS Abuse	SharpWSUS
Entra ID Authentications	ROADtools
SMB Share Audit	Snaffler