Tools for Penetration Testing

Tools For Your Defenses

At some point the c-Champions will need to provide technical resources to the network engineers and stakeholder managers. This section of the Toolkit provides a listing of various cyber threat hunting tools for the technical analysts within stakeholder organizations. Below are a series of hotlinks and short descriptions of what the website offers.

w3af – “w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.” (A. (2016). Andresriancho/w3af. Retrieved December 26, 2016, from

BeEF – “BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.” (B. (2016). Beefproject/beef. Retrieved December 26, 2016, from

Burp – “Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.” (Burp Suite. (n.d.). Retrieved December 26, 2016, from

For a guide on utilizing Burp Suite Community Edition, check out the Comparitech Cheat Sheet

Aircrack-ng – “Aircrack-ng is a complete suite of tools to assess WiFi network security.  All tools are command line which allows for heavy scripting.” (Aircrack-ng. (n.d.). Retrieved December 26, 2016, from

Mimikatz – “Mimikatz can extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.” (G. (2016). Gentilkiwi/mimikatz. Retrieved December 26, 2016, from

ophcrack – “Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.” (Ophcrack. (n.d.). Retrieved December 26, 2016, from

Proxifier  – “With Proxifier you can work through a chain of proxy servers. Connection to a remote host will be performed sequentially from one proxy server to another.” (Proxy Chains. (n.d.). Retrieved December 26, 2016, from

Auto-Responder – “This script will monitor the logs from Responder, loads NTLMv1 and NTLMv2 on the fly and crack them with your instance of Hashcat. Locally.” (S. (2015). Sensepost/autoresponder. Retrieved December 26, 2016, from

The Social-Engineer Toolkit (SET)  – “The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly.” (T. (2016). Trustedsec/social-engineer-toolkit. Retrieved December 26, 2016, from

SprayWMI – “SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on a system.” (T. (2015). Trustedsec/spraywmi. Retrieved December 26, 2016, from

Common User Passwords Profiler (CUPP) – “Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternative values…That is why CUPP was born”. (Mebus. (2021). Mebus/cupp. Retrieved June 26, 2021, from

FIRST – Function Identification and Recovery Signature Tool. (V. (2016). Vrtadmin/FIRST. Retrieved December 26, 2016, from

Metasploit  – Full range of Pen-testing programs that can be used for various things. (R. (2016). Rapid7/metasploit-framework. Retrieved December 26, 2016, from

Fluxion – “Fluxion is a security auditing and social-engineering research tool”. (Fluxion Network. (2021). FluxionNetwork/fluxion. Retrieved June 30, 2021, from

CyberChef – “CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser.” (G. (2016). Gchq/CyberChef. Retrieved December 26, 2016, from

%d bloggers like this: