Tool
Interactively check flags, fill in values, and assemble a ready-to-run command for popular security tools.
Network
Web
Automatic SQL injection and database takeover tool
Directory/file, DNS, and vhost brute-force tool written in Go
Web server scanner that checks for dangerous files, misconfigurations, and outdated software
Password
Recon
Transfer
Non-interactive network downloader supporting HTTP, HTTPS, and FTP
PowerShell cmdlet for downloading files and making HTTP requests
Windows built-in tool for certificate management and file download/encode
Secure copy — transfer files over SSH between hosts
Fast, versatile file sync and transfer tool supporting SSH tunneling
Remote Access
Standard FTP client for connecting to FTP servers and transferring files
OpenSSH client for encrypted remote shell access and tunneling
Unencrypted remote terminal protocol — useful for banner grabbing and manual protocol testing
FreeRDP client for connecting to Windows Remote Desktop (RDP) services
WinRM shell for pentesting Windows remote management — supports pass-the-hash, SSL, and file transfer
SMB / Windows
Network execution tool for attacking and enumerating network services (successor to CrackMapExec)
Rewrite of enum4linux for enumerating information from Windows and Samba hosts via SMB/RPC
SMB/RPC client for enumerating Windows hosts — users, groups, shares, and more
SMB share enumerator — lists shares, permissions, and can search or download files
Impacket's psexec — remote execution on Windows via SMB by uploading a service binary
Impacket's wmiexec — semi-interactive remote shell on Windows via WMI (leaves fewer SMB artifacts than psexec)
SMTP
SNMP
Fast SNMP scanner for brute-forcing community strings across multiple hosts
Walk the SNMP MIB tree and dump OID values from a target device
Mass SNMP scanner — query many hosts for specific OIDs simultaneously
Database
Audit