Shodan
Search engine for Internet-connected devices
Top Security Tools of 2025
100 essentials across recon, web, network, AD, cloud, containers, DFIR, and C2
Censys
Internet-wide scan data and assets search
BinaryEdge
Exposure and threat surface intelligence
FOFA
Global Internet assets search engine
Amass
In-depth attack surface mapping and asset discovery
Subfinder
Fast passively enumerating subdomains
theHarvester
E-mail, subdomain and names harvesting
SpiderFoot
Automated OSINT collection and analysis
Recon-ng
Modular web reconnaissance framework
Maltego
Graph-based link analysis for OSINT
OSINT Framework
Directory of OSINT resources and tools
Sherlock
Find usernames across social networks
Burp Suite
Integrated platform for web application security testing
OWASP ZAP
Open source web app scanner and proxy
Nuclei
Fast, template-based vulnerability scanner
Nikto
Web server scanner for dangerous files and misconfigs
sqlmap
Automatic SQL injection and takeover tool
ffuf
Fast web fuzzer for content discovery
dirsearch
Brute force directories and files on web servers
kiterunner
API discovery and enumeration toolkit
Volatility
Advanced memory forensics framework
YARA
Pattern matching for malware research and hunting
mitmproxy
Interactive HTTPS proxy for traffic inspection
Wappalyzer
Identify technologies used on websites
httpx
Fast and flexible HTTP toolkit
gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl
waybackurls
Fetch archived URLs from the Wayback Machine
Nmap
Network discovery and security auditing
Masscan
Internet-scale port scanner
Naabu
Fast port scanner
ZMap
Internet-wide network scanner
Wireshark
Network protocol analyzer
TShark
Terminal network protocol analyzer (Wireshark CLI)
Scapy
Powerful interactive packet manipulation
bettercap
Swiss army knife for network attacks and monitoring
tcpdump
Packet capture and analysis CLI
Ncat
Modern netcat from the Nmap project
hping3
Packet generator and analyzer
Kismet
Wireless network detector and sniffer
Aircrack-ng
WEP/WPA key cracking and wireless auditing
Autopsy
Digital forensics platform (GUI for Sleuth Kit)
Responder
LLMNR/NBT-NS/mDNS poisoner
Impacket
Python collection for network protocols and attacks
CrackMapExec
Swiss army knife for pentesting networks
Hydra
Fast network logon cracker
Medusa
Network password brute forcing
Ncrack
High-speed network authentication cracking
BloodHound
Graph-based AD attack path analysis
SharpHound
Collector for BloodHound data
mimikatz
Credential dumping and manipulation
Rubeus
Kerberos abuse toolkit
PowerView
PowerShell AD reconnaissance
PowerUp
Windows privilege escalation checks
Seatbelt
Security oriented host survey
SharpUp
Windows privilege escalation checks
Certify
AD CS misconfiguration abuse
Coercer
Coerce machines to authenticate (e.g., printer bug)
PetitPotam
NTLM relay vector via EFSRPC
gMSADumper
Dump gMSA passwords
Kerbrute
Kerberos pre-auth bruteforcer
ADExplorer
AD viewer and editor (Sysinternals)
LaZagne
Credentials recovery on Windows/Linux/macOS
PingCastle
Active Directory security health assessment
Metasploit Framework
Exploit development and post-exploitation framework
Cobalt Strike
Commercial adversary simulation platform
Sliver
Open source adversary emulation framework
Mythic
Plugin-based C2 framework
Havoc
Modern C2 framework
Empire
Post-exploitation framework
Covenant
.NET-based C2 framework
Merlin
Cross-platform post-exploitation framework
Evil-WinRM
WinRM shell for pentesting Windows
Nishang
Offensive PowerShell scripts and payloads
Evilginx2
Adversary-in-the-middle phishing framework
Gophish
Open source phishing framework
King Phisher
Phishing campaign toolkit
Modlishka
Reverse proxy for phishing and bypassing 2FA
MSOLSpray
Password spraying for Microsoft 365/Azure AD
ScoutSuite
Multi-cloud security auditing
Prowler
AWS/Azure/GCP security best practices auditing
Pacu
AWS exploitation framework
TruffleHog
Secrets scanning in code, configs, and logs
Gitleaks
Protect and discover hardcoded secrets
Checkov
Static analysis for IaC (Terraform/K8s/Cloud)
tfsec
Static analysis for Terraform
Semgrep
Lightweight static analysis and code rules
KICS
Find security issues in IaC
Snyk CLI
SAST/Dependency scanning CLI
Terrascan
Detect compliance and security violations across IaC
Cloudsplaining
AWS IAM risk assessment and least privilege
Cartography
Attack surface mapping and asset graph for cloud
Trivy
Comprehensive container and artifact scanner
Grype
Container image vulnerability scanner
kube-hunter
Kubernetes security assessment
kube-bench
CIS Benchmark tests for Kubernetes
Velociraptor
Endpoint visibility, DFIR collection and hunting
Zeek
Network security monitoring (formerly Bro)
Suricata
High-performance IDS/IPS and network security monitoring
Hashcat
Advanced password recovery and cracking
John the Ripper
Fast password cracker with many formats