- ghidra | Reverse Engineering Framework
- gdb | Gnu Debugger for binaries
- radare2 | Dynamic Binary Analysis
- Imhex | Hex Editor especially for Reversing
- strings | Extract all strings from a file
- WASM Binary Toolkit | Tools for reversing and dealing with WASM
- waydroid | Android emulator for linux
- metasploit | Exploit Toolkit
- searchsploit / exploitdb | Let's you search exploit db in the command line
- sqlmap | Exploit tool for sql injection.
- gobuster | Path / Folder enumeration in URL's
- Burp Suite (Free Community Edition) | Web Proxy
- Zap | Web Proxy
- CeWL | Custom Wordlist Generator
- ffuf | Enumeration Tool for URL's
- hydra | Bruteforce Tool
- Wireshark | Network Packet Analyzer / Listener
- Netcat | Commandlinetool to interact with services
- Swaks | Tool to interact with SMTP
- nmap | classic port scanner
- plink.exe | can be used to port forward on windows machines
- chisel | network pivoting tool
- evil-winrm | Tool to interact with Windows WinRM
- evil-winrm-py | Same as evil-winrm but it's written in python
- penelope | Penelope is a powerful (reverse) shell handler
- ligolo-ng | An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
- perl-image-exiftool | Tool to view metadata of images
- foremost | Let's you extract hidden data from a file
- imagemagick | Similar to exiftool. Let's you view image meta data
- stegextract | Extracts hidden information in images
- stegsolve | Similar to stegextract, extract hidden information in images
- stegoveritas | Tool for stego does a lot
- binwalk | Extracting Files in another File
- Aperi Solve | Website that does A TON of stego stuff
- imgclip | Extracts text from image
- tldr | Better man pages / short intro to the command and examples
- sqsh | Client for MSSQL
- beam | OpenVPN File Manager
- john (John The Ripper) | Password Cracker
- hashcat | Password Cracker
- hashid | Hash Identifier
- pspy | Process monitor without root priv
- jq | sed,awk,grep for json data
- Default Creds Cheat Sheet | Commandline Tool for looking up default creds for services
- Hexed It | Online Hexedit
- Cook | Wordlist Swiss Army
- [mssql-tools] | Official Tooling for MSSQL by Microsoft
- Volatility | Memory Forensic Tool
- SleuthKit | Volume and File System forensic
- gdu | TUI Go Disk Usage tool
- OSINT-Framework | A website that allows to do a lot of osint stuff
- Gowitness | Screenshot tool for webserver. Like Eyewitness
- Subfinder | Subdomain finder written in Go
- Katana | Web Crawler / Spider written in Go
- Webhooks | Web-based application to capture incoming requests
- Debuggex | Reggex Viewer
- ngrok | Tool for hosting a local port to the outside (still need to check to out)
- Impacket | Network Toolkit in Python
- PowerSploit | Powershell Tools for Pentesting
- Bloodhound | Analyze Active Directory Data
- bloodhound-python | Collects information remotely for bloodhound
- OneLook | Word Search with regex like search and more
- Croc | Tool to send stuff from one computer to another quick and secure
- vfox | A version manager for java, nodejs, .net and more
To see some useful tricks and tips see tips.md