Skip to main content

Tool Directory

HackingTool includes 100+ security tools across 17 categories. Below is a complete alphabetical listing.
Each tool includes category tags, brief description, and GitHub repository link where applicable.

A

AdvPhishing
Phishing
Description: Advanced Phishing Tool with OTP phishing capabilitiesRepository: https://github.com/Ignitetch/AdvPhishingCategory: Phishing Attack Tools
Androguard
Reverse Engineering
Description: Reverse engineering, malware and goodware analysis of Android applicationsRepository: https://github.com/androguard/androguardCategory: Reverse Engineering Tools
Anonymously Surf (Anonsurf)
Anonymity
Description: Automatically overwrites RAM on shutdown and changes IP addressRepository: https://github.com/Und3rf10w/kali-anonsurfCategory: Anonymously Hiding Tools
Apk2Gold
Reverse Engineering
Description: CLI tool for decompiling Android apps to JavaRepository: https://github.com/lxdvs/apk2goldCategory: Reverse Engineering Tools
aSYNcrone
DDoS
Description: Multifunction SYN Flood DDoS weapon written in CRepository: https://github.com/fatihsnsy/aSYNcroneCategory: DDOS Attack Tools
Autopsy
Forensics
Description: Digital forensics platform for cyber investigators, recover deleted filesRepository: Pre-installed on most distributionsCategory: Forensic Tools
Autophisher
Phishing
Description: Automated phishing toolkit by CodingRanjithRepository: https://github.com/CodingRanjith/autophisherCategory: Phishing Attack Tools

B

BlackEye
Phishing
Description: Ultimate phishing tool with 38 website templatesRepository: https://github.com/An0nUD4Y/blackeyeCategory: Phishing Attack Tools
BlackPhish
Phishing
Description: Advanced phishing tool with update functionalityRepository: https://github.com/iinc0gnit0/BlackPhishCategory: Phishing Attack Tools
Blazy
Web Attack
Description: Modern login page bruteforcer, also detects ClickJackingRepository: https://github.com/UltimateHackers/BlazyCategory: Web Attack Tools
Blisqy
SQL Injection
Description: Exploit time-based blind SQL injection vulnerabilitiesRepository: https://github.com/JohnTroony/BlisqyCategory: SQL Injection Tools
BluePot
Wireless
Description: Bluetooth Honeypot GUI FrameworkRepository: https://github.com/andrewmichaelsmith/bluepotCategory: Wireless Attack Tools
Breacher
Information Gathering
Description: Advanced multithreaded admin panel finderRepository: https://github.com/s0md3v/BreacherCategory: Information Gathering Tools
Brutal
Payload
Description: Toolkit for payloads, PowerShell attacks, virus attacks, and HID listenerRepository: https://github.com/Screetsec/BrutalCategory: Payload Creation Tools
Bulk Extractor
Forensics
Description: Extract useful information without parsing file systemsRepository: https://github.com/simsong/bulk_extractorCategory: Forensic Tools

C

CheckURL
Web Attack
Description: Detect evil URLs using IDN Homograph AttackRepository: https://github.com/UndeadSec/checkURLCategory: Web Attack Tools
ChromeKeyLogger (Hera)
Post-Exploitation
Description: Chrome browser keyloggerRepository: https://github.com/UndeadSec/HeraKeyloggerCategory: Post Exploitation Tools
Commix
Exploit Framework
Description: Automated all-in-one OS command injection and exploitation toolRepository: https://github.com/commixproject/commixCategory: Exploit Framework
Cupp
Wordlist
Description: Common User Passwords Profiler for wordlist generationRepository: https://github.com/Mebus/cuppCategory: Wordlist Generator

D

DalFox
XSS
Description: XSS scanning and parameter analysis tool (Finder of XSS)Repository: https://github.com/hahwul/dalfoxCategory: XSS Attack Tools
ddos (36 Methods)
DDoS
Description: Best DDoS attack script with 36+ methodsRepository: https://github.com/the-deepnet/ddosCategory: DDOS Attack Tools
Dirb
Web Attack
Description: Web content scanner, dictionary-based attack against web serversRepository: https://gitlab.com/kalilinux/packages/dirbCategory: Web Attack Tools
dnstwist
Phishing
Description: Domain name permutation engine for detecting typosquattingRepository: https://github.com/elceef/dnstwistCategory: Phishing Attack Tools
Dracnmap
Information Gathering
Description: Network exploitation and information gathering with nmapRepository: https://github.com/Screetsec/DracnmapCategory: Information Gathering Tools
DSSS (Damn Small SQLi Scanner)
SQL Injection
Description: Fully functional SQL injection vulnerability scannerRepository: https://github.com/stamparm/DSSSCategory: SQL Injection Tools

E

Enigma
Payload
Description: Multiplatform payload dropperRepository: https://github.com/UndeadSec/EnigmaCategory: Payload Creation Tools
EvilTwin (Fakeap)
Wireless
Description: Evil Twin attack via fake page and fake access pointRepository: https://github.com/Z4nzu/fakeapCategory: Wireless Attack Tools
Evilginx2
Phishing
Description: MITM attack framework for phishing credentials and session cookies, bypass 2FARepository: https://github.com/kgretzky/evilginx2Category: Phishing Attack Tools
Explo
SQL Injection
Description: Describe web security issues in human and machine-readable formatRepository: https://github.com/dtag-dev-sec/exploCategory: SQL Injection Tools
Extended XSS Searcher
XSS
Description: Extended XSS searcher and finderRepository: https://github.com/Damian89/extended-xss-searchCategory: XSS Attack Tools

F

Fastssh
Wireless
Description: Multi-threaded SSH scan and brute force with common credentialsRepository: https://github.com/Z4nzu/fastsshCategory: Wireless Attack Tools
Fluxion
Wireless
Description: Remake of linset with enhanced functionality for wireless attacksRepository: https://github.com/FluxionNetwork/fluxionCategory: Wireless Attack Tools

G

Goblin WordGenerator
Wordlist
Description: Advanced wordlist generatorRepository: https://github.com/UndeadSec/GoblinWordGeneratorCategory: Wordlist Generator
GoldenEye
DDoS
Description: HTTP DoS test tool for security testingRepository: https://github.com/jseidl/GoldenEyeCategory: DDOS Attack Tools
Guymager
Forensics
Description: Free forensic imager for media acquisition, disk clone and ISORepository: https://guymager.sourceforge.io/Category: Forensic Tools

H

HatCloud
Other
Description: Bypass CloudFlare to discover real IP addressesRepository: https://github.com/HatBashBR/HatCloudCategory: Other Tools
HiddenEye
Phishing
Description: Modern phishing tool with advanced functionality and tunnelingRepository: https://github.com/Morsmalleo/HiddenEyeCategory: Phishing Attack Tools
Host2IP
Information Gathering
Description: Convert hostnames to IP addressesRepository: Built-in toolCategory: Information Gathering Tools
Howmanypeople
Wireless
Description: Count people around you by monitoring WiFi signalsRepository: Python packageCategory: Wireless Attack Tools

I

Infoga
Information Gathering
Description: Email OSINT - gather email account information from public sourcesRepository: https://github.com/m4ll0k/InfogaCategory: Information Gathering Tools
I-See-You (ISeeYou)
Phishing
Description: Find exact location of victim via social engineering and phishingRepository: https://github.com/Viralmaniar/I-See-YouCategory: Phishing Attack Tools
IsItDown
Information Gathering
Description: Check if website is online or downRepository: Web service linkCategory: Information Gathering Tools

J

JadX
Reverse Engineering
Description: Dex to Java decompiler for APK filesRepository: https://github.com/skylot/jadxCategory: Reverse Engineering Tools

L

Leviathan
SQL Injection
Description: Wide range mass audit toolkit with SQL injection detectionRepository: https://github.com/leviathan-framework/leviathanCategory: SQL Injection Tools

M

Maskphish (Miskphish)
Phishing
Description: Hide phishing URLs under normal-looking URLsRepository: https://github.com/jaykali/maskphishCategory: Phishing Attack Tools
Mob-Droid
Payload
Description: Generate metasploit payloads easily without long commandsRepository: https://github.com/kinghacker0/Mob-DroidCategory: Payload Creation Tools
MSFvenom Payload Creator (MSFPC)
Payload
Description: Wrapper to generate multiple types of payloadsRepository: https://github.com/g0tmi1k/msfpcCategory: Payload Creation Tools
Multitor
Anonymity
Description: Stay in multiple places at the same time via TorRepository: https://github.com/trimstray/multitorCategory: Anonymously Hiding Tools

N

NMAP (Network Map)
Information Gathering
Description: Free and open-source utility for network discovery and security auditingRepository: https://github.com/nmap/nmapCategory: Information Gathering Tools
NoSqlMap
SQL Injection
Description: Audit and automate NoSQL injection attacksRepository: https://github.com/codingo/NoSQLMapCategory: SQL Injection Tools

P

pixiewps
Wireless
Description: Bruteforce offline WPS pin (pixie dust attack)Repository: https://github.com/wiire/pixiewpsCategory: Wireless Attack Tools
Port Scanner (rang3r)
Information Gathering
Description: Multi-threaded scanner for alive hosts in IP rangeRepository: https://github.com/floriankunushevci/rang3rCategory: Information Gathering Tools
Port Scanning
Information Gathering
Description: Built-in port scanner using nmapRepository: System toolCategory: Information Gathering Tools
Pyshell
RAT
Description: RAT tool for file upload/download, OS command executionRepository: https://github.com/knassar702/pyshellCategory: Remote Administrator Tools
Pyphisher
Phishing
Description: Easy to use phishing tool with 77 website templatesRepository: https://github.com/KasRoudra/PyPhisherCategory: Phishing Attack Tools

Q

QR Code Jacking (QRJacking)
Phishing
Description: QR code jacking for any websiteRepository: https://github.com/cryptedwolf/ohmyqrCategory: Phishing Attack Tools
QRLJacking
Phishing
Description: Advanced QR login jackingRepository: https://github.com/OWASP/QRLJackingCategory: Phishing Attack Tools

R

ReconDog
Information Gathering
Description: Information gathering suiteRepository: https://github.com/s0md3v/ReconDogCategory: Information Gathering Tools
ReconSpider
Information Gathering
Description: Advanced OSINT framework for IP, emails, websites, organizationsRepository: https://github.com/bhavsec/reconspiderCategory: Information Gathering Tools
RED HAWK
Information Gathering
Description: All-in-one tool for information gathering and vulnerability scanningRepository: https://github.com/Tuhinshubhra/RED_HAWKCategory: Information Gathering Tools
RouterSploit
Exploit Framework
Description: Open-source exploitation framework for embedded devicesRepository: https://github.com/threat9/routersploitCategory: Exploit Framework
RVuln
XSS
Description: Multi-threaded automated web vulnerability scanner in RustRepository: https://github.com/iinc0gnit0/RVulnCategory: XSS Attack Tools

S

SaphyraDDoS
DDoS
Description: Complex Python DDoS tool with easy usageRepository: https://github.com/anonymous24x7/Saphyra-DDoSCategory: DDOS Attack Tools
SayCheese
Phishing
Description: Take webcam shots from target via malicious linkRepository: https://github.com/hangetzzu/saycheeseCategory: Phishing Attack Tools
SecretFinder
Information Gathering
Description: Find sensitive data like API keys, tokens in JavaScript filesRepository: https://github.com/m4ll0k/SecretFinderCategory: Information Gathering Tools
Setoolkit (Social-Engineer Toolkit)
Phishing
Description: Open-source penetration testing framework for social engineeringRepository: https://github.com/trustedsec/social-engineer-toolkitCategory: Phishing Attack Tools
ShellPhish
Phishing
Description: Phishing tool for 18 social media platformsRepository: https://github.com/An0nUD4Y/shellphishCategory: Phishing Attack Tools
Shodan (Shodanfy)
Information Gathering
Description: Get ports, vulnerabilities, banners for any IP using ShodanRepository: https://github.com/m4ll0k/Shodanfy.pyCategory: Information Gathering Tools
SMWYG (Show Me What You Got)
Wordlist
Description: Search 1.4 billion clear text passwords from BreachCompilationRepository: https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-GotCategory: Wordlist Generator
Skipfish
Web Attack
Description: Fully automated active web application security reconnaissanceRepository: Pre-installedCategory: Web Attack Tools
SlowLoris
DDoS
Description: HTTP Denial of Service attack toolRepository: Python packageCategory: DDOS Attack Tools
SocialFish
Phishing
Description: Automated phishing tool and information collectorRepository: https://github.com/UndeadSec/SocialFishCategory: Phishing Attack Tools
Sqlmap
SQL Injection
Description: Automated SQL injection detection and exploitationRepository: https://github.com/sqlmapproject/sqlmapCategory: SQL Injection Tools
SQLScan
SQL Injection
Description: Quick web scanner to find SQL injection pointsRepository: https://github.com/Cvar1984/sqlscanCategory: SQL Injection Tools
SteganoHide
Steganography
Description: Hide and extract data in image/audio filesRepository: System packageCategory: Steganography Tools
StegnoCracker
Steganography
Description: Uncover hidden data inside files using brute-forceRepository: Python packageCategory: Steganography Tools
StegoCracker
Steganography
Description: Hide and retrieve data in image or audio filesRepository: https://github.com/W1LDN16H7/StegoCrackerCategory: Steganography Tools
Stitch
RAT / Payload
Description: Cross-platform Python RAT frameworkRepository: https://github.com/nathanlopez/StitchCategory: Remote Administrator Tools / Payload Creation
Striker
Information Gathering
Description: Recon and vulnerability scanning suiteRepository: https://github.com/s0md3v/StrikerCategory: Information Gathering Tools
Sub-Domain Finder (Sublist3r)
Web Attack
Description: Enumerate subdomains using OSINTRepository: https://github.com/aboul3la/Sublist3rCategory: Web Attack Tools
Sub-Domain TakeOver
Web Attack
Description: Detect subdomain takeover vulnerabilitiesRepository: https://github.com/edoardottt/takeoverCategory: Web Attack Tools
Spycam
Payload
Description: Win32 payload that captures webcam images and sends to attackerRepository: https://github.com/indexnotfound404/spycamCategory: Payload Creation Tools

T

Thanos
Phishing
Description: Browser-to-browser phishing toolkitRepository: https://github.com/TridevReddy/ThanosCategory: Phishing Attack Tools
TheFatRat
Payload
Description: Easy way to create backdoors and payloads that bypass most antivirusRepository: https://github.com/Screetsec/TheFatRatCategory: Payload Creation Tools
Toolsley
Forensics
Description: 10+ tools for investigation (hash, encode, binary inspector)Repository: https://www.toolsley.com/Category: Forensic Tools

U

UFONet
DDoS
Description: P2P and cryptographic disruptive toolkit for DoS and DDoSRepository: https://github.com/epsylon/ufonetCategory: DDOS Attack Tools

V

Vegile (Ghost In The Shell)
Post-Exploitation
Description: Hide backdoor/rootkit processes and unlimited metasploit sessionsRepository: https://github.com/Screetsec/VegileCategory: Post Exploitation Tools
Venom
Payload
Description: Shellcode generator and malicious serverRepository: https://github.com/r00t-3xp10it/venomCategory: Payload Creation Tools

W

Web2Attack
Web Attack / Exploit
Description: Web hacking framework with tools and exploits in PythonRepository: https://github.com/santatic/web2attackCategory: Web Attack Tools / Exploit Framework
WebSploit
Exploit Framework
Description: Advanced MITM frameworkRepository: https://github.com/The404Hacking/websploitCategory: Exploit Framework
Whitespace (Snow10)
Steganography
Description: Use whitespace and unicode for steganographyRepository: https://github.com/beardog108/snow10Category: Steganography Tools
WiFi-Pumpkin
Wireless
Description: Rogue AP framework to create fake networksRepository: https://github.com/P0cL4bs/wifipumpkin3Category: Wireless Attack Tools
WifiPhisher
Phishing / Wireless
Description: Rogue access point framework for Wi-Fi phishingRepository: https://github.com/wifiphisher/wifiphisherCategory: Phishing Attack Tools / Wireless
Wifite
Wireless
Description: Automated wireless attack toolRepository: https://github.com/derv82/wifite2Category: Wireless Attack Tools
Wireshark
Forensics
Description: Network capture and analyzer toolRepository: Pre-installedCategory: Forensic Tools
WordlistCreator (wlcreator)
Wordlist
Description: C program to create all password possibilitiesRepository: https://github.com/Z4nzu/wlcreatorCategory: Wordlist Generator

X

XanXSS
XSS
Description: Reflected XSS searching tool with payload templatesRepository: https://github.com/Ekultek/XanXSSCategory: XSS Attack Tools
XeroSploit
Information Gathering
Description: Penetration testing toolkit for man-in-the-middle attacksRepository: https://github.com/LionSec/xerosploitCategory: Information Gathering Tools
XSpear
XSS
Description: XSS scanner built on Ruby GemsRepository: https://github.com/hahwul/XSpearCategory: XSS Attack Tools
XSS-Freak
XSS
Description: XSS scanner fully written in Python 3 from scratchRepository: https://github.com/PR0PH3CY33/XSS-FreakCategory: XSS Attack Tools
XSS Payload Generator (XSS-LOADER)
XSS
Description: XSS payload generator, scanner, and dork finderRepository: https://github.com/capture0x/XSS-LOADERCategory: XSS Attack Tools
XSSCon
XSS
Description: XSS vulnerability scannerRepository: https://github.com/menkrep1337/XSSConCategory: XSS Attack Tools
XSStrike
XSS
Description: Advanced XSS detection suiteRepository: https://github.com/UltimateHackers/XSStrikeCategory: XSS Attack Tools

Tools by Category Count

  • Information Gathering: 15 tools
  • Phishing Attack: 17 tools
  • XSS Attack: 9 tools
  • SQL Injection: 7 tools
  • Wireless Attack: 9 tools
  • Web Attack: 7 tools
  • Payload Creation: 8 tools
  • DDoS Attack: 5 tools
  • Wordlist Generator: 4 tools
  • Exploit Framework: 4 tools
  • Steganography: 4 tools
  • Reverse Engineering: 3 tools
  • Forensic Tools: 5 tools
  • Post Exploitation: 2 tools
  • Remote Administration (RAT): 2 tools
  • Anonymously Hiding: 2 tools
  • Other Tools: 10+ tool collections
Total: 100+ individual security tools

Build docs developers (and LLMs) love

Get started for freeTalk to us