Pentest Box Tools List of Tools contained in PentestBox

Welcome to PentestBox Tools List Website!
Here you will find list of the tools which are inside PentestBox and how to use them. 
You can see list of tools of particular category using the left sidebar.

Suppose you want to use SQLMap, you can find it's description below in Web Application Scanner Section and you will find something like given below

  cmd.exe

C:\Users\Aditya Agrawal\Desktop

$sqlmap

The console above with  sqlmap  in it tells that if you need to use SQLmap then  sqlmap  is the alias for it. If you are not aware with the tool and it's functions then type like  sqlmap -h  on console, it will display all possible functions of that tool , sqlmap in our case.

To keep everything in short, below are only aliases of the respective tool. 
I Hope you will Enjoy using PentestBox :)

Web Vulnerability Scanners

  • Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. 
    Author: PortsWigger
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $burp

  • Commix - Commix (short for [comm]and [i]njection e[x]ploiter) has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. 
    Copyright (c) 2015 Anastasios Stasinopoulos (@ancst)
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $commix

  • fimap - fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It's currently under heavy development but it's usable. 
    Author: Iman Karim 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $fimap

  • Golismero - GoLismero is an open source framework for security testing. It's currently geared towards web security, but it can easily be expanded to other kinds of scans.
    License: GPLv2 
    Author: Daniel García , Mario Vilas, Raúl Requero 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $golismero

      cmd.exe

    C:\PentestBox\bin\WebApplications\golismero (master)

    $golismero.bat scan pentestbox.com

  • IronWasp - Find security issues on your website automatically using IronWASP, one of the world's best web security scanners. Here are some reasons why IronWASP is great:
    • It's Free and Open source
    • GUI based and very easy to use, no security expertise required
    • Powerful and effective scanning engine
    • Supports recording Login sequence
    • Checks for over 25 different kinds of well known web vulnerabilities
    • False Negatives detection suppport
    • Industry leading built-in scripting engine that supports Python and Ruby

    Author: Lavakumar Kuppan
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $ironwasp

  • jSQL - jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris). 
    Author: ron190 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $jSQL

  • Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. 
    Author: Cirt.net 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $nikto

  • PadBuster - Automated script for performing Padding Oracle attacks. 
    Author: Brian Holyfield, Gotham Digital Science 
    License: Reciprocal Public License 1.5
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $padbuster

  • SqlMap - sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. 
    Author: Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $sqlmap

  • Vega - Vega is a free and open source scanner and testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. 
    Author: Subgraph 
    License: Eclipse Public License 1.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $vega

  • Wpscan - WPScan is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. 
    Author: The WPScan Team 
    License: WPScan Public Source License
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $wpscan

  • OWASP Xenotix XSS Exploit FrameWork - OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. Xenotix provides Zero False Positive XSS Detection by performing the Scan within the browser engines where in real world, payloads get reflected. Xenotix Scanner Module is incorporated with 3 intelligent fuzzers to reduce the scan time and produce better results. If you really don't like the tool logic, then leverage the power of Xenotix API to make the tool work like you wanted it to be. It is claimed to have the world’s 2nd largest XSS Payloads of about 4800+ distinctive XSS Payloads. It is incorporated with a feature rich Information Gathering module for target Reconnaissance. The Exploit Framework includes real world offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation. Say no to alert pop-ups in PoC. Pen testers can now create appealing Proof of Concepts within few clicks. 
    Author: Ajin Abraham 
    License: Creative Commons Attribution-ShareAlike 3.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $xenotix

  • Yasuo - Yasuo is a ruby script that scans for vulnerable 3rd-party web applications. While working on a network security assessment (internal, external, redteam gigs etc.), we often come across vulnerable 3rd-party web applications or web front-ends that allow us to compromise the remote server by exploiting publicly known vulnerabilities. Some of the common & favorite applications are Apache Tomcat administrative interface, JBoss jmx-console, Hudson Jenkins and so on. 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $yasuo

  • Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox. 
    Author: OWASP.org

    There is some integration issue with Zaproxy and PentestBox. So you have to start it manually by opening zap.bat file inPentestBox_Directory/bin/WebApplications/ZAP_2.4.0/.We will surely try to fix it sooner.

Web Applications Proxies

  • Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. 
    Author: Portswigger
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $burp

  • Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox. 
    Author: OWASP.org

    There is some integration issue with Zaproxy and PentestBox. So you have to start it manually by opening zap.bat file inPentestBox_Directory/bin/WebApplications/ZAP_2.4.0/.We will surely try to fix it sooner.

Web Crawlers

  • Dir Buster - DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. 
    Author: OWASP.org 
    License: Apache 2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $dirbuster

  • Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. 
    Author: Portswigger
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $burp

Information Gathering

  • dnsrecon - DNS Enumeration Script 
    Author: Carlos Perez 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $dnsrecon

  • Golismero - GoLismero is an open source framework for security testing. It's currently geared towards web security, but it can easily be expanded to other kinds of scans.
    License: GPLv2 
    Author: Daniel García , Mario Vilas, Raúl Requero 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $golismero

      cmd.exe

    C:\PentestBox\bin\WebApplications\golismero (master)

    $golismero.bat scan pentestbox.com

  • Instarecon -Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do:
  • DNS (direct, PTR, MX, NS) lookups
  • Whois (domains and IP) lookups
  • Google dorks in search of subdomains
  • Shodan lookups
  • Reverse DNS lookups on entire CIDRs
    Author: Luis Teixeira 
    License: MIT License
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $instarecon

  • Knock - Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. 
    Author: Gianni Amato
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $knockpy

  • Nmap - Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping). 
    Author: Fyodor 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $nmap

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $ncat

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $ndiff

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $nping

  • Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. 
    Author: SpiderLabs 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $responder

  • Social Engineer Toolkit - The Social-Engineer Toolkit is an open-source penetration testing framework designed for Social-Engineering. SET has a number of custom attack vectors that allow you to make a believable attack in a fraction of the time. 
    Please note some of the features of Social Engineer Toolkit will not work because Metasploit is not included by default. 
    Author: 
    TrustedSec 
    License: BSD
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $setoolkit

      cmd.exe

    C:\PentestBox\bin\social-engineer-toolkit (master)

    $python setoolkit

  • SSlStrip - It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. 
    Author: Moxie Marlinspike 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $sslstrip

  • SSLyze - SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers. 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $sslyze

  • Subbrute - SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design also provides a layer of anonymity, as SubBrute does not send traffic directly to the target's name servers. 
    Author: Mike Brooks 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $subbrute

  • Tekdefense-Automater - Automater is a URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts. Given a target (URL, IP, or HASH) or a file full of targets Automater will return relevant results from sources like the following: IPvoid.com, Robtex.com, Fortiguard.com, unshorten.me, Urlvoid.com, Labs.alienvault.com, ThreatExpert, VxVault, and VirusTotal. 
    Author: TekDefense.com
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $automater

  • UrlCrazy - Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. 
    Author: Andrew Horton 
    License: Non-Commercial
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $urlcrazy

  • The Harvester - theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, pgp key servers). 
    Author: Christian Martorella 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $theharvester

  • Wireshark - Wireshark is the world’s foremost network protocol analyzer. It lets you see what’s happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. 
    Author: Gerald Combs and contributors 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $wireshark

Exploitation Tools

  • Beef Project - BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. 
    Author: Wade Alcorn 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $beef

      cmd.exe

    C:\PentestBox\bin\beef (master)

    $ruby beef

  • SqlMap - sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. 
    Author: Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $sqlmap

Password Attacks

  • Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $burp

  • CryptoHaze - A CUDA & OpenCL accelerated rainbow table implementation from the ground up, and a CUDA hash brute forcing tool with support for many hash types including MD5, SHA1, LM, NTLM, and lots more! 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $Cryptohaze-Multiforcer

  • Findmyhash - findmyhash.py try to crack different types of hashes using free online services.
    Author: JulGor 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $findmyhash

  • HashIdentifier - Software to identify the different types of hashes used to encrypt data and especially passwords. 
    Author: Zion3R 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $hashidentifier

  • LaZagne - The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment, it supports 22 Programs on Microsoft Windows and 12 on a Linux/Unix-Like OS. 
    Author: AlessandroZ 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $lazagne

  • John the Ripper - John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $johntheripper

  • Patator - Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings. Patator is a multi-threaded tool written in Python, that strives to be more reliable and flexible than his fellow predecessors. 
    Author: Sebastien MACKE 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $patator

  • RainbowCrack - RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. It crack hashes with rainbow tables.RainbowCrack uses time-memory tradeoff algorithm to crack hashes. It differs from brute force hash crackers.A brute force hash cracker generate all possible plaintexts and compute the corresponding hashes on the fly, then compare the hashes with the hash to be cracked. Once a match is found, the plaintext is found. If all possible plaintexts are tested and no match is found, the plaintext is not found. With this type of hash cracking, all intermediate computation results are discarded. 
    Author: RainbowCrack Project
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $rcrack

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $rt2rtc

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $rtc2rt

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $rtgen

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $rtsort

  • THC Hydra - Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely. 
    Please note that PentestBox contains compiled version of THC-Hydra which is taken fromhere. 
    Author: Van Hauser, Roland Kessler 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $thc-hydra

  • Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox. 
    Author: OWASP.org

    There is some integration issue with Zaproxy and PentestBox. So you have to start it manually by opening zap.bat file inPentestBox_Directory/bin/WebApplications/ZAP_2.4.0/.We will surely try to fix it sooner.

Android Security

  • Androguard - Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !) 
    Author: Anthony Desnos 
    License: Apache v2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androapkinfo

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androarsc

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androauto

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androaxml

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androcsign

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androdd

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androdiff

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androdis

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androgui

  • Androwarn - Androwarn is a tool whose main aim is to detect and warn the user about potential malicious behaviours developped by an Android application. 
    Author: Thomas D 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $androwarn

  • ApkTool - A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes possible to debug smali code step by step. Also it makes working with an app easier because of project-like file structure and automation of some repetitive tasks like building apk, etc. 
    Author: Connor Tumbleson, Ryszard Wiśniewski 
    License: Apache v2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $apktool

  • dex2jar - Convert .dex file to .class files (zipped as jar) 
    Author: Bob Pan 
    License: Apache v2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $dex2jar

  • dex2jar - Drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS. 
    License: BSD
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $drozer

  • Introspy - Introspy is a set of iOS and Android tools designed to help understand what an iOS or Android application is doing at runtime and assist in the identification of potential security issues. 
    Author: iSecPartners 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $introspy

  • JD-GUI - JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields. 
    License: Free for Non-Commercial Use
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $jdgui

  • Pidcat - Colored logcat script which only shows log entries for a specific application package.
    Author: Jake Wharton
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $pidcat

Reverse Engineering

  • ApkTool - A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes possible to debug smali code step by step. Also it makes working with an app easier because of project-like file structure and automation of some repetitive tasks like building apk, etc. 
    Author: Connor Tumbleson, Ryszard Wiśniewski 
    License: Apache v2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $apktool

  • dex2jar - Convert .dex file to .class files (zipped as jar) 
    Author: Bob Pan 
    License: Apache v2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $dex2jar

  • frida - It’s Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript into native apps on Windows, Mac, Linux, iOS and Android. Frida also provides you with some simple tools built on top of the Frida API. These can be used as-is, tweaked to your needs, or serve as examples of how to use the API. 
    Author: Ole André Vadla Ravnås 
    License: wxWindows Library Licence, Version 3.1
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $frida

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $frida-ps

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $frida-discover

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $frida-trace

  • Jad - Jad provides a command-line user interface to extract source code from class files. 
    Author: Pavel Kouznetsov
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $jad

  • JD-GUI - JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields. 
    Author: Emmanuel Dupuy 
    License: Free for Non-Commercial Use
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $jdgui

  • JavaSnoop - JavaSnoop is an Aspect Security tool that allows security testers to easily test the security of Java applications. 
    Author: www.aspectsecurity.com 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $javasnoop

  • OLLY Debugger - OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows® 
    Author: Oleh Yuschuk
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $ollydbg

  • Radare2 - r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files.Radare project started as a forensics tool, an scriptable commandline hexadecimal editor able to open disk files, but later support for analyzing binaries, disassembling code, debugging programs, attaching to remote gdb servers, .. 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $radare2


    To open Webserver please follow below.
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $radare2directory

      cmd.exe

    C:\PentestBox\bin\ReverseEngineering\radare2

    $radare2.exe -c=H rax2.exe

  • Smali/Baksmali - smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android's Java VM implementation. The syntax is loosely based on Jasmin's/dedexer's syntax, and supports the full functionality of the dex format (annotations, debug info, line info, etc.) You can access smali and baksmali by typing smali and baksmali 
    License: 
    BSD

Stress Testing

  • Termineter - Termineter is a framework written in python to provide a platform for the security testing of smart meters. It implements the C1218 and C1219 protocols for communication. 
    Author: SecureState 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $termineter

  • THC-SSL-DOS - The THC-SSL-DOS tool is a Proof Of Concept tool to disclose fishy security in SSL. It works great if the server supports SSL Renegotiation. It still works if SSL Renegotiation is not supported but requires some modifications and more bots before an effect can be seen. 
    Author: The Hackers Choice 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $thc-ssl-dos

Sniffing

  • Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $burp

  • DNSChef - DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka “Fake DNS”) is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for “badguy.com” to point to a local machine for termination or interception instead of a real host somewhere on the Internet. 
    Author: thesprawl 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $dnschef

  • Ettercap - Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. 
    Author: Alberto Ornaghi (ALoR), Marco Valleri (NaGA), Emilio Escobar (exfil), Eric Milam (J0hnnyBrav0) 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $ettercap

  • Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. 
    Author: SpiderLabs 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $responder

  • SSlStrip - It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. 
    Author: Moxie Marlinspike 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $sslstrip

  • Wifi Honey - This script creates five monitor mode interfaces, four are used as APs and the fifth is used for airodump-ng. To make things easier, rather than having five windows all this is done in a screen session which allows you to switch between screens to see what is going on. All sessions are labelled so you know which is which. 
    Author: Robin Wood 
    License: Creative Commons Attribution-Share Alike 2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $wifi_honey

  • Windump - WinDump is the Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules 
    Author: RiverBed Technology 
    License: BSD
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $windump

  • Wireshark - Wireshark is the world’s foremost network protocol analyzer. It lets you see what’s happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. 
    Author: Gerald Combs and contributors 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $wireshark

  • Zaproxy - The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox. 
    Author: OWASP.org

    There is some integration issue with Zaproxy and PentestBox. So you have to start it manually by opening zap.bat file inPentestBox_Directory/bin/WebApplications/ZAP_2.4.0/.We will surely try to fix it sooner.

Forensic Tools

  • Autopsy - Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card. 
    Author: Brian Carrier 
    License: Apache 2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $autopsy

  • Bulk Extractor - bulk_extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. The results can be easily inspected, parsed, or processed with automated tools. bulk_extractor also created a histograms of features that it finds, as features that are more common tend to be more important. The program can be used for law enforcement, defense, intelligence, and cyber-investigation applications. 
    Author: Simson L. Garfinkel 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $bulkextractor

  • CapTipper - CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found. 
    Author: Omri Herscovici 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $captipper

  • DumpZilla - Dumpzilla application is developed in Python 3.x and has as purpose extract all forensic interesting information of Firefox, Iceweasel and Seamonkey browsers to be analyzed. Due to its Python 3.x developement, might not work properly in old Python versions, mainly with certain characters. Works under Unix and Windows 32/64 bits systems. Works in command line interface, so information dumps could be redirected by pipes with tools such as grep, awk, cut, sed… 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $dumpzilla

  • Make PDF Tools - make-pdf-javascript.py allows one to create a simple PDF document with embedded JavaScript that will execute upon opening of the PDF document. It’s essentially glue-code for the mPDF.py module which contains a class with methods to create headers, indirect objects, stream objects, trailers and XREFs. 
    Author: /Didier Stevens
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $make-pdf-embedded

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $make-pdf-javascript

  • Origami - Origami is a Ruby framework for manipulating PDF documents. It features a PDF compliant parser and allows to analyze, modify or create malicious PDF files. Although it may be use for multiple purposes, Origami is primarily intended as a security tool. As such, it does not focus on the graphics contents of a document and does not include a PDF renderer. 
    License: GPL
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $pdfsh

  • pype32 - Yet another Python library to read and write PE/PE+ files. 
    Author: Nahuel Riva 
    License: BSD License Please look on the tool website to know about the usage.
  • pyew - Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE and ELF file formats (it performs code analysis and let you write scripts using an API to perform many types of analysis), follows direct call/jmp instructions in the interactive command line, displays function names and string data references; supports OLE2 format, PDF format and more. 
    Author: Joxean 
    License: GPLv2 
    To use this please go to it's directory which is located at pentestbox_directory/bin/ForensicTools/pyew and then follow usage guide from it's website.
  • pedump - A pure ruby implementation of win32 PE binary files dumper. 
    Author: zed_0xff 
    License: MIT
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $pedump

  • PDF Parser - This tool will parse a PDF document to identify the fundamental elements used in the analyzed file. It will not render a PDF document. 
    Author: Didier Stevens
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $pdf-parser

  • pdfid - This tool is not a PDF parser, but it will scan a file to look for certain PDF keywords, allowing you to identify PDF documents that contain (for example) JavaScript or execute an action when opened. PDFiD will also handle name obfuscation. 
    Author: Didier Stevens
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $pdfid

  • PeePDF - peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it’s possible to see all the objects in the document showing the suspicious elements, supports the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. 
    Author: Jose Miguel Esparza 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $peepdf

  • RAT Decoders - This Repo will hold a collection of Python Scripts that will extract and decode the configuration settings from common rats. 
    Author: kevthehermit 
    To use this please go to it's directory which is located at pentestbox_directory/bin/ForensicTools/RATDecoders and then follow usage guide from it's website.
  • rekall - The Rekall Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibilty into the runtime state of the system. 
    Author: Google 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $rekall

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $winpmem

  • Volatility - The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibilty into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research. 
    Author: Volatile Foundation 
    License: GPLv3
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $volatility

Wireless Attacks

  • Aircrack-ng -Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. 
    Author: Thomas d’Otreppe, Original work: Christophe Devine 
    License: GPLv2
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $airbase-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $aircrack-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $aircrack-ng-GUI

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $airdecap-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $airdecloak-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $aireplay-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $airodump-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $airolib-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $airtun-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $besside-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $easside-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $ivstools

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $kstats

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $makeivs-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $packetforge-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $tkiptun-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $wesside-ng

      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $wpaclean

  • Wifi Honey - This script creates five monitor mode interfaces, four are used as APs and the fifth is used for airodump-ng. To make things easier, rather than having five windows all this is done in a screen session which allows you to switch between screens to see what is going on. All sessions are labelled so you know which is which. 
    Author: Robin Wood 
    License: Creative Commons Attribution-Share Alike 2.0
      cmd.exe

    C:\Users\Aditya Agrawal\Desktop

    $wifi_honey

Text Editors

To make PenetestBox more awesome, i have added Atom and vim as text editors. After opening atom it will spilt up the screen with Atom on one side and your terminal on the other side, while vim runs on the same tab. Atom splitting is done to make reporting much more easier by giving access to console and editor on same screen.

  cmd.exe

C:\Users\Aditya Agrawal\Desktop

$atom

  cmd.exe

C:\Users\Aditya Agrawal\Desktop

$vim

Linux Utilities

PentestBox provide nearly all linux utilities in an Windows Environment. Below are the list of the linux utilities which are inside PentestBox 
antiword, basename, bash, bison, bzip2, cat, chmod, cmp, connect, cp, curl, cut, date, diff, dirname, du, env, expr, false, find, flex, gawk, git, grep, gunzip, gzip, head, id, kill, mkdir, md5sum, ls, ln , mv, openssl, patch, ps, rebase, rm, rmdir, scp, sh, ssh-keygen, touch, tr, true, uname, uniq, unzip, wc, xargs

Also to make PentestBox more awesome we have also included HTTPie, HTTPie is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output. HTTPie can be used for testing, debugging, and generally interacting with HTTP servers.

Browser

PentestBox also contains a modified version of Mozilla Firefox with all the security addons pre installed in it. To Know all the addons which are pre installed in it , click here

Also we have included SQLite Browser in it.

Disclaimer

All the tools contained in PentestBox belong to their individual developers whose names are mentioned above along their respective tools. All credits to those tools go to their respective developers. All the tools are maintained inside bin folder, no tool/product has been modified unless written in the product description above. Tools are directly fetched from respective Github repositories and or their product websites. All CopyRight Notice, License file, Disclaimer file are maintained in their respective folder if given on their products site/pages.

Developer assume no liability and are not responsible for any misuse or damage caused by this program. Do not use it for illegal purposes!!

你可能感兴趣的:(Pentest Box Tools List of Tools contained in PentestBox)