Whether you're a student, a CTF player, or a working security professional, this project is designed to help you discover, understand, and organize the landscape of offensive tools effectively.
This repository is NOT a collection of walkthroughs or cheatsheets. Instead, it is a structured catalog that:
- Groups hacking tools by functional categories
- Highlights usage contexts and links to external resources/labs
- Serves as a starting point for learning and using each class of tools
- Helps with training, teaching, and internal knowledge sharing
Each entry is grouped into a functional category of offensive security:
Tool Category | Description |
---|---|
Recon Tools | Tools used for gathering information before active engagement (e.g., Nmap, Amass, Subfinder) |
Enumeration Tools | Tools for discovering network services, users, shares, etc. (e.g., Enum4linux, SMBMap) |
OSINT Tools | Open-source intelligence tools for footprinting (e.g., theHarvester, Maltego) |
Vulnerability Scanners | Tools to detect known vulnerabilities (e.g., Nuclei, Nikto, OpenVAS) |
Exploitation Frameworks | Tools for delivering exploits (e.g., Metasploit, ExploitDB, Searchsploit) |
Red Team Frameworks | Offensive infrastructure and attack simulation (e.g., Cobalt Strike, Sliver, Mythic) |
Privilege Escalation | Techniques and automation tools for privesc (e.g., LinPEAS, WinPEAS) |
Post-Exploitation | Credential dumping, pivoting, persistence (e.g., Mimikatz, LaZagne) |
Evasion Techniques | Obfuscation, LOLBins, and AV/EDR evasion (e.g., Invoke-Obfuscation, SharpHound) |
Binary Exploitation | Stack/heap exploitation tools (e.g., GDB, pwndbg, ROPgadget) |
Fuzzers | Vulnerability discovery via fuzzing (e.g., AFL++, libFuzzer, Peach) |
Reverse Engineering | Tools to analyze and reverse binaries (e.g., Ghidra, IDA Pro, radare2) |
Wireless Hacking | WiFi and Bluetooth attack tools (e.g., Aircrack-ng, Bettercap) |
C2 Frameworks | Command-and-Control frameworks (e.g., Covenant, Empire, Merlin) |
Web Exploitation Tools | XSS, SQLi, SSRF tools (e.g., XSStrike, sqlmap, Burp Suite) |
Active Directory Attacks | Kerberoasting, AS-REP Roasting (e.g., Rubeus, BloodHound) |
Cloud Security Tools | Enumeration & exploitation of AWS, Azure, GCP (e.g., ScoutSuite, Pacu) |
Container & K8s | Docker & Kubernetes attack tools (e.g., kube-hunter, dockerscan) |
IoT & Hardware | UART, JTAG, firmware reverse tools (e.g., JTAGulator, Binwalk) |
ML & AI in Security | Tools for adversarial evasion and malware generation (e.g., ART, SecML) |