HackTech

:: YOUR SOURCE FOR CYBER INTELLIGENCE ::

The Arsenal: Tools & Platforms

A complete redistribution of awesome-hacking tooling—each framework, image, and service placed into the operating domains where it excels. Authorization is mandatory before running any capability described below.

Featured Operating Environments

  • Kali Linux

    Debian-based distribution pre-loaded with hundreds of penetration-testing and forensics utilities. Use it as a portable red-team lab or baseline for capture-the-flag engagements.

  • Parrot OS

    Lightweight security-focused Linux that bundles privacy tooling, secure development stacks, and digital forensics suites for professionals who need a hardened daily driver.

  • Mobile Security & Auditing

    Mobile Security Framework (MobSF) powers static and dynamic assessments across Android and iOS. Pair with rooted testing devices for lawful mobile application recon, malware triage, and wireless auditing.

    MobSF GitHub

System Exploitation Frameworks

  • Metasploit

    Full-spectrum exploitation platform used to research vulnerabilities, validate detections, and automate post-exploitation workflows.

  • mimikatz

    Essential Windows credential research toolkit providing Kerberos ticket manipulation, credential extraction, and more for authorized engagements.

  • Hackers tools Playlist

    Guided walk-through of staple offensive utilities—ideal for orienting junior analysts before they enter lab scenarios.

Reconnaissance & OSINT Utilities

  • GHunt

    Investigate Google accounts through public metadata from Gmail, Photos, Maps, and related services to build lawful intelligence profiles.

Docker Images for Penetration Testing & Security

Exploit & Vulnerability Archives

  • Exploit Database

    Rapid7's community-maintained exploit archive and repository of proof-of-concept vulnerable software.

Reverse Engineering Toolchain

Disassemblers & Debuggers

  • IDA

    Multi-processor disassembler and debugger available for Windows, macOS, and Linux analysts.

  • OllyDbg

    32-bit assembler-level debugger favored for rapid Windows binary triage.

  • x64dbg

    Open-source x86/x64 debugger with an extensible plugin architecture for Windows reversing.

  • radare2

    Portable reversing framework providing disassembly, debugging, emulation, and scripting.

  • plasma

    Interactive disassembler for x86/ARM/MIPS that generates readable pseudo-code.

  • ScratchABit

    Retargetable disassembler with IDAPython-compatible plugin API ideal for customization.

  • Capstone

    Lightweight multi-architecture disassembly engine embedding easily into pipelines.

  • Ghidra

    NSA-developed suite providing disassembly, decompilation, scripting, and collaboration.

Decompilers

JVM-based Languages

  • Krakatau

    High-fidelity Java bytecode decompiler handling Scala and Kotlin targets.

  • JD-GUI

    Classic GUI decompiler for inspecting Java classes quickly.

  • Procyon

    Robust Java decompiler particularly strong with modern language features.

  • Luyten

    Swing-based front-end for Procyon delivering searchable, colorized output.

  • JAD

    Historic closed-source Java decompiler useful when matching legacy research.

  • JADX

    Android-focused decompiler converting DEX and APK content into readable Java.

.NET Toolchain

  • dotPeek

    JetBrains .NET decompiler for browsing assemblies and generating source.

  • ILSpy

    Open-source .NET assembly browser and decompiler with active development.

  • dnSpy

    .NET debugger and assembly editor capable of on-the-fly patching.

Native Code

  • Hopper

    macOS/Linux disassembler and decompiler targeting 32/64-bit binaries.

  • cutter

    Qt interface for radare2 combining graph view, debug, and decompiler modes.

  • retdec

    LLVM-based open-source decompiler for PE and ELF binaries.

  • snowman

    User-friendly native code decompiler producing C-like pseudocode.

  • Hex-Rays Decompiler

    Commercial decompiler plugin for IDA supporting multiple architectures.

Python

  • uncompyle6

    Decompiler for over twenty CPython releases, great for legacy bytecode recovery.

Deobfuscation Utilities

  • de4dot

    .NET deobfuscator and unpacker supporting many commercial protectors.

  • JS Beautifier

    Prettify JavaScript, JSON, HTML, and CSS to aid manual analysis.

  • JS Nice

    Statistical variable renaming service to recover semantics from obfuscated JS.

Reverse Engineering Helpers

  • nudge4j

    Bridge JVM internals to a browser for interactive inspection.

  • dex2jar

    Convert Android DEX files into Java class files for downstream tooling.

  • androguard

    Comprehensive Android reverse engineering and malware analysis framework.

  • antinet

    Anti-managed debugger/profiler utilities for .NET security research.

  • UPX

    Pack and unpack executables with the Ultimate Packer for eXecutables.

Execution Logging & Tracing

  • Wireshark

    Industry-standard packet analyzer for capturing and inspecting network conversations.

  • tcpdump

    Command-line packet capture utility paired with the libpcap capture library.

  • mitmproxy

    Interactive man-in-the-middle proxy for inspecting and modifying HTTP/S traffic.

  • Charles Proxy

    Cross-platform GUI proxy for viewing, rewinding, and exporting intercepted sessions.

  • usbmon

    Linux USB bus monitor capturing control, bulk, interrupt, and isochronous transfers.

  • USBPcap

    Windows kernel driver and Wireshark plugin for USB traffic capture.

  • dynStruct

    Recover in-memory structure layouts via dynamic instrumentation.

  • drltrace

    Shared library call tracer built on DynamoRIO for Windows and Linux.

Binary Analysis & Editing

Hex Editors

  • HxD

    Fast hex editor for raw disk editing and RAM inspection.

  • WinHex

    Forensics-ready hex editor supporting data recovery and low-level processing.

  • wxHexEditor

    Open-source hex editor optimized for huge files and disks.

  • Synalize It / Hexinator

    Grammar-based binary parsers for decoding proprietary file formats.

Binary Utilities

  • Binwalk

    Firmware analysis toolkit detecting signatures, extracting archives, and visualizing entropy.

  • Veles

    Statistical visualization platform for binary blobs and encryption research.

  • Kaitai Struct

    DSL and IDE for describing binary formats and generating parsers.

  • Protobuf Inspector

    Inspect and reverse-engineer Protocol Buffers payloads.

  • DarunGrim

    Executable diffing solution to compare patched and unpatched binaries.

  • DBeaver

    Cross-platform database client handy when analyzing embedded data stores.

  • Dependencies

    Modern replacement for Dependency Walker to map DLL relationships.

  • PEview

    Inspect PE/COFF headers and sections within Windows executables.

  • BinText

    Extract ASCII and Unicode strings from binaries for quick triage.

Malware Samples & References

  • Open Malware

    Community-driven repository of malware samples for defensive research.

Web & Network Operations

Web Assessment Tools

  • Spyse

    OSINT search engine aggregating hosts, domains, SSL data, ports, and technologies.

  • sqlmap

    Automate SQL injection discovery and database takeover with tamper scripts.

  • NoSQLMap

    Enumerate and exploit NoSQL backends through injection and privilege abuse.

  • Web-Max Encoders

    Browser-based base64/base85 encoders plus MD4/MD5/SHA1 hashing helpers.

  • VHostScan

    Detect virtual host mappings, wildcard DNS, and aliasing for targeted pivoting.

  • SubFinder

    Passive subdomain enumeration using curated data sources and transformations.

  • Findsubdomains

    Hosted subdomain discovery service validating results across OSINT feeds.

  • badtouch

    Scriptable network authentication cracker tailored for custom attack flows.

  • PhpSploit

    Covert PHP-based C2 framework for maintaining footholds on compromised web servers.

  • Git-Scanner

    Identify publicly exposed .git directories and extract sensitive artifacts.

  • CSP Scanner

    Analyze Content Security Policies for bypasses, missing directives, and weaknesses.

  • Shodan

    Search engine for internet-connected devices, banner data, and exposed services.

  • masscan

    Internet-scale port scanner capable of sweeping the IPv4 space rapidly.

  • Keyscope

    Validate leaked credentials and API keys across SaaS providers.

  • Decompiler.com

    Online decompiler supporting Java, Android, Python, and C# binaries.

Web Application Security References

  • Strong node.js

    Checklist and guidelines for securing Node.js services during code reviews.

Network Reconnaissance & Exploitation

  • NetworkMiner

    Network forensic analysis tool extracting hosts, sessions, files, and credentials.

  • Paros

    Java-based HTTP/HTTPS proxy for active web application vulnerability testing.

  • pig

    Linux packet crafting toolkit useful for fuzzing and replaying custom packets.

  • findsubdomains

    High-speed subdomain discovery service supporting recon-scale inventories.

  • cirt-fuzzer

    Simple TCP/UDP protocol fuzzer for uncovering malformed input handling.

  • ASlookup

    Investigate autonomous systems, associated CIDR blocks, and organizational metadata.

  • OWASP ZAP

    Integrated penetration testing proxy for mapping and attacking web applications.

  • mitmsocks4j

    Java-based man-in-the-middle SOCKS proxy capturing interactive sessions.

  • ssh-mitm

    Intercept SSH/SFTP connections to log credentials and commands during authorized tests.

  • nmap

    Swiss Army knife network scanner for host discovery, port mapping, and scripting.

  • Aircrack-ng

    802.11 suite for packet capture, WEP/WPA cracking, and wireless security assessments.

  • Nipe

    Route all host traffic through Tor to emulate anonymized adversary behavior.

  • Habu

    Python hacking toolkit covering sniffing, spoofing, and discovery tasks.

  • Wifi Jammer

    Demonstrate Wi-Fi denial-of-service scenarios during controlled exercises.

  • Firesheep

    Classic HTTP session hijacker to illustrate the need for TLS everywhere.

  • Scapy

    Powerful Python library for crafting, sending, and dissecting packets.

  • Amass

    Enumerate attack surfaces via scraping, brute forcing, alterations, and reverse DNS sweeps.

  • sniffglue

    Secure multithreaded packet sniffer with modern TLS handling.

  • Netz

    Discover misconfigurations across the public internet using zgrab2 and supporting tools.

  • RustScan

    Lightning-fast port scanner that feeds discovered ports to nmap for deep enumeration.

  • PETEP

    Extensible TCP/UDP proxy with GUI and TLS support for traffic modification.

Digital Forensics & Cryptography

Digital Forensics Suites

  • Autopsy

    GUI for The Sleuth Kit enabling timeline analysis, carving, and reporting.

  • sleuthkit

    Command-line forensics toolkit providing low-level disk and filesystem parsing.

  • EnCase

    Commercial investigative suite used for incident response and legal-grade evidence.

  • malzilla

    Inspect malicious web content, decode obfuscated scripts, and extract payloads.

  • IPED

    Brazilian Federal Police digital evidence indexer and processor.

  • CyLR

    Collects critical forensic artifacts from Windows systems for rapid triage.

  • CAINE

    Ubuntu-based live environment bundling a comprehensive forensics toolkit.

Cryptography & Password Cracking Tools

  • xortool

    Recover key size and plaintext from repeated-key XOR ciphertexts.

  • John the Ripper

    Password cracking powerhouse with extensive hash type support.

  • Aircrack

    Use captured Wi-Fi packets to audit WEP and WPA-PSK network security.

  • Ciphey

    AI-assisted automatic decryption engine for classic ciphers and encodings.

Post-Exploitation & Knowledge Bases

Post-Exploitation Frameworks

  • Empire

    PowerShell and Python agent framework with flexible command and control.

  • SILENTTRINITY

    IronPython-powered post-exploitation project bypassing constrained PowerShell environments.

  • PowerSploit

    PowerShell offensive security modules for reconnaissance, exploitation, and persistence.

  • Ebowla

    Generate payloads keyed to environmental attributes to evade replay on other systems.

Hardware & Physical Assessment Gear

  • Hak5 WiFi Pineapple

    Portable wireless auditing platform with cloud management, payload ecosystem, and rich reporting.

  • Hak5 USB Rubber Ducky

    Programmable keystroke injector demonstrating endpoint abuse from unattended workstations.

  • Hak5 Key Croc

    Network-enabled keylogging implant useful for illustrating physical access risks.

  • Proxmark3

    RFID/NFC research platform supporting sniffing, cloning, and emulation of badge technologies.

  • Proxmark3 Firmware

    Open-source codebase powering Proxmark hardware deployments.

  • Flipper Zero

    Multi-tool for pentesters featuring radio, RFID, infrared, and GPIO interfaces.

Security Knowledge Bases & Inventories