Tools

I rewrote this article so it would be true to its name. It used to be a random list of tools, which I moved to Hacking Tools; here I will only talk about the very few tools I like and use the most. I chose to embrace modernity, and most of my stack is modern “go/rust and such” based alternatives to legacy tools. I will give one tool per category or utility. You also might find many things from ProjectDiscovery. I like those guys' work very much.

Reconnaissance and Scanners

One would immediately say “nmap” and be right, but many have already improved on nmap, and I chose to work with rustscan as it is “Fast as F$ck Boi”: it is written in Rust and can even work with nmap. Sometimes I might use naabu too. My classic process is discovering open ports with rustscan, then looking at them closely with nmap. For common vulnerability scanning, nuclei is a very good option.

Web content discovery

ffuf is my favorite one, and feroxbuster seems to be the major contender here. I am thinking about ditching gobuster (which is also very fast tho) to simply master ffuf.

Subdomain enumeration

Here it is usually recommended to try multiple tools to avoid missing some information. I keep two: Amass and Subfinder. Sometimes katana finds stuff I might have missed.

Web security proxies

Caido, and I want to see them grow and actually be worth replacing Burp. Most of the other tools I might need for web would be circumstantial or crafted for acute exploitation. Also note that things like Metasploit and Exploit-DB have almost no serious contenders.

RE and Pwn

Actually, the first tool needed here is your brain and the second would be Python (pwn and automation mostly), but pwndbg is a very good extension of the good ol’ gdb. Ghidra is the most powerful free option for RE, and Binary Ninja looks cool… IDA Free is not enough, while the Pro version will cost you an arm and a leg.

Network security

Wireshark is obviously a must and unbeaten so far.

Miscellaneous

Ironically, this would be the most important category here, because as a hacker the best tool for you would be the one you built yourself… perfectly tailored for your use cases and fine-tuned to the kind of things you want to “hack”. Therefore automation and exploit crafting are a must (yes, even if you are on the blue side). Well, this is my personal top pick of tools, and this will be updated when I find tools that fit my needs and that I use very often. I am making my own hacking tools but shhh… I will tell you more soon. You can find a more extensive list of hacking tools right here.