NombreURLSODescriptionVideotags
Firepwdhttps://github.com/lclevy/firepwdfirefoxThis tool can be used to crack firefox master passwordfirefox,
passwords,
explorer
seclisthttps://github.com/danielmiessler/SecLists.gitdictionary,
web scanner,
fuzzing
ffufhttps://github.com/ffuf/ffuf## know how gathering subdomains
ffuf -u "https://FUZZ.fullledcolor.es" -w SecLists/Discovery/Web-Content/raft-large-words.txt

## know how gathering directories
ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt

## know how gathering files php
ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt -e .php

## know how gathering files php not show 404
ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt -e .php -fc 404
dictionary,
web scanner,
fuzzing
Burp Suite Professionalhttps://portswigger.net/burp/prowindows,linuxToolkit to automate, find and assist web vulnerability discovery and exploitationrequest,
response,
http,
querys,
intercept
sqlmaphttps://sqlmap.org/Automatic SQL injection and database takeover toolsql injection,
databases
Fridahttps://frida.re/Dynamic instrumentation toolkit to intercept and debug software that is closed-source or locked downintercept,
debug
APKLabhttps://github.com/APKLab/APKLabSet of scripts and tools to perform Reverse Engineering on Android applicationsreverse engineering,
android
mimikatzhttps://github.com/ParrotSec/mimikatzwindows## know how mimikatz windows
## know how windows enumeration mimikatz
## knnow how enumeration windows mimiktaz
Windows x32/x64 program to extract passwords, hash, PINs, and Kerberos tickets from memory
windows,
passwords,
hash,
pin,
kerberos
Rubeushttps://github.com/GhostPack/RubeuswindowsToolset for raw Kerberos interaction and abuseskerberos
Metasploithttps://www.metasploit.com/windows,linuxFramework to help launching and developing exploits and offensive tasksframework
Ghidrahttps://ghidra-sre.org/linuxSoftware Reverse Engineering (SRE) suite of tools developed by NSA's Research Directoratereverse engineering
John the Ripperhttps://www.openwall.com/john/Password recovery toolpasswords,
hash
hashcathttps://hashcat.net/hashcat/Fast, efficient and versatile hacking tool that assists offline brute-force attackspasswords,
hash,
bruteforce
Wiresharkhttps://www.wireshark.org/networkNetwork protocol analyzerman in the middle,
network analyzer
Aircrack-nghttps://www.aircrack-ng.org/networkSuite of tools to assess WiFi network securitywifi,
scanner
ngrokhttps://ngrok.com/Cross-platform application that exposes local server ports to the Internetports
Covenanthttps://github.com/cobbr/Covenant.NET command and control frameworkframework,
control
Nmaphttps://nmap.org/Utility for network discovery and security auditingports,
scanner
Vegahttps://subgraph.com/vega/Web security scanner and web security testing platform that helps validate SQLi, XSS, etc.web scanner
x64dbghttps://x64dbg.com/windowsOpen-source x64/x32 debugger for Windowsdebugger
WinDbgwindowsWindows default debugger that we use for kernel debuggingdebugger
hacktools firefoxhttps://addons.mozilla.org/en-US/firefox/addon/hacktools/firefoxweb addons
Hacktools chromehttps://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhichromeweb addons
Obsidian editorhttps://obsidian.md/editor
convert ip for evading waffhttps://www.silisoftware.com/tools/ipconverter.php?convert_from=216.58.215.78dwords,
16bits,
8bits,
waf,
evasion
hackvector.co.kuhttps://hackvertor.co.uk/public#multi tools evasion wafdwords,
16bits,
8bits,
waf,
evasion
aaencodehttps://utf-8.jp/public/aaencode.htmlaaencode tools javascript evasiondwords,
16bits,
8bits,
waf,
evasion
jjencodehttps://utf-8.jp/public/jjencode.htmljjencode tools javascript evasionjavascript,
evasion
jsfuckhttp://www.jsfuck.com/jsfuck tools javascript evasionjavascript,
evasion
js compresor evading wafhttp://dean.edwards.name/packer/js compresor evading wafjavascript,
evasion,
waf,
compresor
js yui compresor evading wafhttp://yui.github.io/yuicompressor/js yui compresor evading wafjavascript,
evasion,
waf,
compresor
OpenVAShttps://www.openvas.org/Full-featured vulnerability scannerweb scanner,
vulnerability scanner
dalfoxhttps://github.com/hahwul/dalfoxxssxss
xsscrapyhttps://github.com/DanMcInerney/xsscrapyxssxss
xsserhttps://github.com/epsylon/xsserxssxss
brutexsshttps://github.com/rajeshmajumdar/BruteXSSxssxss
xssstrikehttps://github.com/s0md3v/XSStrikexssxss
BeEFhttps://beefproject.com/The Browser Exploitation Framework, a penetration testing tool that focuses on the web browserxss,
framework,
web scanner
GNU Wgethttps://www.gnu.org/software/wget/phising,
clone website
Beef web cloninghttps://github.com/AbertayHackers/BeEFphising,
clone website
Set social engineer toolkit site clonerphising,
clone website
urlcrazyhttps://github.com/urbanadventurer/urlcrazyto get similar domains.domains,
phising
sql injection cheat sheethttps://portswigger.net/web-security/sql-injection/cheat-sheetwebPortswigger sql injection cheat sheetcheat sheet,
sql injection,
web
subinACLhttps://windows-resource-kit-tools-subinacl-exe.software.informer.com/windowsunquoted privilege escalation windowsprivilege escalation,
windows
powersploit powerup.ps1https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1windowsunquoted privilege escalation windowsprivilege escalation,
windows
Winpeashttps://github.com/carlospolop/PEASS-ng/tree/master/winPEASwindowsunquoted privilege escalation windowsprivilege escalation,
windows
Methodology unquoted privilege escalation windowshttps://www.hackingarticles.in/windows-privilege-escalation-unquoted-service-path/windowsMethodology unquoted privilege escalation windowsprivilege escalation,
windows
AlwaysInstallElevatedhttps://www.hackingarticles.in/windows-privilege-escalation-alwaysinstallelevated/windowsAlwaysInstallElevatedprivilege escalation,
windows
SeBackupPrivilegehttps