A list of tools to utilize while performing a security study or pen-test.
Tools covered till now...
- Basic proxychain (stay hidden while pen-testing)
- wfuzz (fuzzing tool)
- nmap (network scanner)
- sqlmap (detect SQL injection flaws)
- XSS (XSS-loader, ParamSpider, Gxss, dalfox)
- php injection
- Commix (exploit command injection vulnerabilities)
- Airmon-ng (WiFi handshake intercepting)
- Crowbar (bruteforce on ports like RDP, telnet, ssh, etc.)