Pentest - Exploitation tools

Below some tools you can use for exploitation while performing a penetration test:

acccheck: SMB brute forcer (login/password)

Aircrack: a suite of tools for 802.11a/b/g WEP and WPA cracking

Armitage: GUI front-end for the Metasploit Framework

backdoor-factory: patch win32/64 binaries with shellcode

BBQSQL: SQL injection tools highly customizable

BeEF: Browser Exploitation Framework, penetration testing tool that focuses on the web browser

Burp Suite: an integrated platform for performing security testing of web applications

cookie-cadger: catch web session on the network and reuse them to steal the session on a new browser

copy/merge-router-config: copy/merge config files from cisco router running snmp

CutyCapt: perform web site screenshots

DAVTest: webdav exploitation tool

DBPwAudit: java tool to perform db brute force

DotDotPwn: perform traversal directory detection

dsniff: a collection of tools for network auditing and penetration testing (arpspoof, dnsspoof, dsniff, filesnarf,macof, mailsnarf, msgsnarf, urlsnarf, webspy)

Evilgrade: a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates

Ghost Phisher: emulate wifi access points, http server, mitm, phishing

hexorbase: database administration and brute force

Hydra: a very fast network logon cracker which support many different services

jboss-autopwn: remote command execution script for jboss server

John the Ripper: a fast password cracker

jsql: database administration and sql injection

Linux Exploit Suggester: returns a suggestive list of possible exploits of  a Linux operating systems release version

macchanger: an utility to manipulate MAC addresses

MDK3: is a proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses (ie. wifi)

Medusa: a speedy, massively parallel, modular, login brute-forcer

Metasploit: “world’s most used penetration testing software”

Ncrack: a high-speed network authentication cracking tool

Origami: a Ruby framework designed to parse, analyze, and forge PDF documents

PDFtk: PDF Tookit

Powerfuzzer: web fuzzer

Reaver: brute force attack against Wifi

SET: Social Engineering Toolkit

sfuzz: another fuzzer

ShellNoob: shellcode writing toolkit

sqlmap: automatic SQL injection and database takeover tool

Sqlninja: sql injection automation for Microsoft SQL Server

sqlsus: sql injection automation for MySQL

SSLScan: fast SSL/TLS scanner

Teensy USB: an USB-based microcontroller development system

twofi: create wordlist based on search term on twitter

w3af: a web application attack and audit framework

WebScarab: a framework for analysing applications that communicate using the HTTP and HTTPS protocols

Wfuzz: awesome web brute forcer

Wireshark: a network analysis tool formerly known as Ethereal

WPScan: Wordpress vulnerability scanner

XSSer: xss exploitation tools

Zed Attack Proxy: an easy to use integrated penetration testing tool for finding vulnerabilities in web applications

to be continued…

Wordpress testing

Here is the way I usually follow to test a Wordpress install.## Information gatheringGet basic informations with [WPScan](https://wpscan....… Continue reading

« Pentest - Information gathering tools

Published on November 04, 2014

Vulnerability - Subdomain takeover »

Published on January 01, 1970