1. Reconnaissance
Tools used for gathering information during the initial stages of an attack or assessment.
Examples: Recon-ng, theHarvester, Nmap, Zenmap.
2. Password & Brute Force Attacks
Tools designed for cracking passwords or performing brute force attacks.
Examples: John the Ripper, Hydra, Hashcat.
3. Exploitation
Tools for identifying and exploiting vulnerabilities in systems or applications.
Examples: Metasploit, BeEF, SQLmap.
4. Wireless Attacks
Tools focused on compromising or analyzing wireless networks.
Examples: Kismet, Wifite, Aircrack-ng.
5. Social Engineering & Phishing
Tools tailored for creating and executing phishing campaigns or social engineering attacks.
Examples: SET (Social-Engineer Toolkit), Gophish, King Phisher.
6. Web Application Penetration Testing
Tools specifically designed to test web applications for vulnerabilities.
Examples: Burp Suite, OWASP ZAP, Arachni.
7. Vulnerability Scanning
Tools for detecting and assessing system vulnerabilities.
Examples: OpenVAS, Nessus, Nikto.
8. Network-Based Attacks
Tools used to analyze or attack networks for vulnerabilities.
Examples: Wireshark, Ettercap, ArpSpoof.
9. Mobile Security
Tools for assessing the security of mobile applications and devices.
Examples: Drozer, Frida, MobSF.
10. Reverse Engineering
Tools to analyze and understand the functionality of software, often to uncover hidden mechanisms or vulnerabilities.
Examples: Radare2, Ghidra.
11. Post-Exploitation
Tools for performing actions after gaining access to a system, such as maintaining persistence or data exfiltration.
Examples: Empire, Mimikatz, Meterpreter.
12. Reporting & Documentation
Tools for documenting findings and creating comprehensive security reports.
Examples: Dradis, Faraday, MagicTree.
