Recopilación de información:
Nmap, Shodan, Maltego, TheHavester, Recon-NG, Amass, Censys, OSINT Framework, Gobuster
Explotación:
Burp Suite, Metasploit Framework, SQL Map, ZAP, ExploitDB, Core Impact, Cobalt Strike
Descifrando contraseñas:
John The Ripper, Hydra, Hashcat, OPHCrack, Medusa, THC Hydra, Cain & Abel
Escaneo de vulnerabilidades:
OpenVAS, Nessus, AppScan, LYNIS, Retina, Nexpose
Ingeniería de software:
GoPhish, HiddenEye, SocialFish, EvilURL, Evilginx
Forense:
SluethKit, Autopsy, Volatility, Guymager, Foremost, Binwalk, Wireshark
Hackeo inalámbrico:
Aircrack-NG, Wifite, Kismet, TCPDump, Airsnort, Netstumbler, Reaver
Evaluación de aplicaciones web:
OWASP ZAP, Burp Suite, Nikto, ZAP, WPScan, Gobuster, App Spider