A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.

• UpdatedJan 25, 2026

AutoPentestX – Automated Pentesting & Vulnerability Reporting Tool

• UpdatedFeb 2, 2026
• Python

An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.

• UpdatedFeb 19, 2026
• Python

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.

• UpdatedDec 8, 2025
• Go

FluxER - The bash script which installs and runs the Fluxion tool inside Termux. The wireless security auditing tool used to perform WPA/WPA2 auditing and MITM auditing.

• UpdatedJan 12, 2026
• Shell

WebSift is an OSINT ethical hacking tool designed to scrape and extract emails, phone numbers, and social media links or other URLs from websites. It is developed for Termux and Linux-based systems

• UpdatedDec 4, 2025
• Shell

A modern tool written in Python that automates your xss findings.

• UpdatedNov 26, 2023
• Python

Hands-on ethical hacking projects for beginners, covering network scanning, web app testing, password cracking, honeypots, Wi-Fi auditing, phishing, and SQL injection.

• UpdatedJun 3, 2024

Next-Gen Stealer written in Go. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For educational purposes only)

• UpdatedDec 11, 2024
• Go

It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web appli…

• UpdatedJun 17, 2022
• Python

H.I.V.E is an automated OSINT (Open Source Intelligence) multi-tool that enables efficient data gathering from various sources through the utilization of a single, unified platform.

• UpdatedJul 21, 2024
• Python

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

• UpdatedMar 1, 2021
• C#

API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).

• UpdatedJan 25, 2026

PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications with various application protocols. ⚡

• UpdatedDec 1, 2023
• Java

Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡

• UpdatedNov 14, 2025
• Python

This is a local search engine to search for cybersecurity tools. It has 3000+ tools in it's database.

• UpdatedOct 1, 2025
• HTML

hulk is a ddos attacking tool

• UpdatedDec 9, 2024
• Python

The Ultimate ESP32 Jammer w/ 5 Radios. #RIPflipper -- V2 OUT NOW

• UpdatedJan 26, 2026
• C++

NetProbe: Network Probe

• UpdatedOct 13, 2024
• Python

Collection of Combination of 👨🏻‍💻Ethical Hacking, 🐧Linux, Cyber security, 💰Bug Bounty, Penetration testing, Networking and more IT Related Books that are Publicly Available.

• UpdatedJun 17, 2024