Below are some tools you can use for post-exploitation while performing a penetration test:

Cryptcat: Netcat enhanced with Twofish encryption

Hacker Defender: rootkit for Windows

Meterpreter: provides an interactive shell which allows you to use extensible features at run time

Netcat: networking utility which reads and writes data across network connections using the TCP/IP protocol

Below are some tools you can use for information gathering while performing a penetration test:

googledorks from Hackers for Charity and from the Exploit Database

IP-address: free IP Address Lookup

Netcraft: what is that site running?

SHODAN: search engine for all connected objects around the world (even fridges)

Threat Agent: collects information from open sources (seems to be down?)

Wolfram|Alpha: compute answers and provide knowledge

YouGetSignal: collection of uncomplicated, powerful network tools

Below are some tools you can use for exploitation while performing a penetration test:

acccheck: SMB brute-forcer (login/password)

Aircrack: a suite of tools for 802.11a/b/g WEP and WPA cracking

Armitage: GUI front-end for the Metasploit Framework

backdoor-factory: patches win32/win64 binaries with shellcode

BBQSQL: highly customizable SQL injection tool

BeEF: Browser Exploitation Framework, penetration testing tool that focuses on the web browser

Burp Suite: an integrated platform for performing security testing of web applications

cookie-cadger: captures web sessions on the network and reuses them to hijack the session in a new browser

copy/merge-router-config: copy/merge config files from Cisco routers running SNMP

Hostile subdomain takeover by Detectify
Hijacking of abandoned subdomains by Detectify


dnsexpire by me
3rdparty-services by me

Path-relative style sheet import by PortSwigger

Detecting and exploiting PRSSI vulnerabilities by PortSwigger
Relative path overwrite by The Spanner