List of Best Ethical Hacking / Penetration Testing Tools

Here is list of useful and Best Software tools that helpful in Ethical Hacking and Penetration Testing, Forensics …

MetaSploit :

Metsploit is a very Powerful PenTesting Tool . Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. The Metasploit Project is also well known for anti-forensic and evasion tools, some of which are built into the Metasploit Framework. Very useful tool for Information Gathering, Vulnerability Scanning, Exploit Development, Client side exploits,…
Official site:


WireShark is a free and best Network Packet Analyzer tool for UNIX and Windows.  It is used for networking troubleshooting, Malware analysis and education.



Nmap(“Network Mapper”) Free Security Scanner For Network Exploration & Hacking.It is used to scan a network and gathers information about the target network including open ports,Services running in the host, OS information,packet filters/firewalls details, and  more.

Official site:

John The Ripper:

JTR is free and  fast password cracker.  Its primary purpose is to detect weak Unix password.
Official site:

Acunetix Web Security Scanner

Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner.
This tools is not free one ;(
Official Site:


Maltego is an open source intelligence and forensics application. It will offer you timous mining and gathering of information as well as the representation of this information in a easy to understand format.
Official site:


IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool’s features are simple enough to be used by absolute beginners.

Official site:


HconSTF is very useful PenTesting tool. It is used for Information gathering,Enumeration & Reconnaissance,Vulnerability assessment, Exploitation,Privilege escalation,Reporting.

Official site:

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Official site:

If you think i left some tools, you can help me to add it.