Linux Security Tools

Comprehensive reference of 96 offensive security tools for Linux, organized into 12 categories. From network reconnaissance to exploitation and reporting, these tools form the foundation of modern penetration testing.

Ethical Use Only

These tools are intended for authorized security testing, CTF competitions, and educational purposes only. Always obtain proper written authorization before testing systems you do not own. Unauthorized access to computer systems is illegal in most jurisdictions.

Categories Overview

Category	Tools	Description
Reconnaissance	11	Information gathering and network discovery tools for mapping attack surfaces and identifying targets.
Password & Brute Force	11	Password cracking, brute force attack, and credential testing tools for security assessments.
Vulnerability Scanning	5	Automated vulnerability detection and assessment tools for identifying security weaknesses.
Network Attacks	8	Network traffic analysis, interception, and attack tools for testing network security.
Exploitation	17	Exploit development, delivery, and execution tools for penetration testing engagements.
Post-Exploitation	9	Tools for maintaining access, privilege escalation, and lateral movement after initial compromise.
Wireless Attacks	7	Tools for auditing wireless network security including Wi-Fi, Bluetooth, and RF protocols.
Web App Testing	5	Web application penetration testing tools for finding and exploiting web vulnerabilities.
Mobile Security	10	Mobile application security testing tools for Android and iOS platforms.
Reverse Engineering	3	Binary analysis, disassembly, and reverse engineering tools for malware analysis and exploit research.
Social Engineering	4	Social engineering and phishing simulation tools for testing human-factor security.
Reporting	6	Vulnerability management, documentation, and reporting tools for professional security assessments.

Reconnaissance

11 tools

Information gathering and network discovery tools for mapping attack surfaces and identifying targets.

NmapGuide

Network scanner & security auditor

Recon-ng

Web reconnaissance framework

theHarvester

E-mail, subdomain, and name harvester

Zenmap

Nmap GUI frontend

DNSRecon

DNS enumeration script

Netdiscover

Active/passive ARP reconnaissance

Maltego

OSINT and graphical link analysis

Unicornscan

Asynchronous stateless TCP scanner

p0f

Passive OS fingerprinting

Masscan

Mass IP port scanner

ZMap

Fast single-packet network scanner

Password & Brute Force

11 tools

Password cracking, brute force attack, and credential testing tools for security assessments.

John the RipperGuide

Password security auditing tool

HashcatGuide

GPU-accelerated password recovery

HydraGuide

Network login brute forcer

Crunch

Wordlist generator

Medusa

Parallel network login auditor

Rainbowcrack

Rainbow table password cracker

CeWL

Custom wordlist generator from websites

Patator

Multi-purpose brute-forcer

Ophcrack

Windows password cracker using rainbow tables

crowbar

Brute force tool supporting protocols like RDP

fcrackzip

ZIP password cracker

Vulnerability Scanning

5 tools

Automated vulnerability detection and assessment tools for identifying security weaknesses.

NiktoGuide

Web server vulnerability scanner

OpenVAS

Open-source vulnerability assessment system

w3af

Web application attack and audit framework

Vuls

Agentless vulnerability scanner for Linux

Nessus

Commercial vulnerability scanner

Network Attacks

8 tools

Network traffic analysis, interception, and attack tools for testing network security.

WiresharkGuide

Network protocol analyzer

Ettercap

Man-in-the-middle attack suite

ArpSpoof

ARP spoofing utility

NetCat

TCP/UDP networking utility

dSniff

Network auditing and penetration testing

Scapy

Interactive packet manipulation

hping3

Network tool for packet crafting

Yersinia

Layer 2 attack framework

Exploitation

17 tools

Exploit development, delivery, and execution tools for penetration testing engagements.

MetasploitGuide

Penetration testing framework

sqlmapGuide

Automatic SQL injection tool

Exploit Pack

Exploit development toolkit

SQL Ninja

SQL Server exploitation toolkit

PTF

Pentest tools framework

jSQL Injection

Java-based SQL injection tool

Armitage

Metasploit GUI frontend

BeEF

Browser exploitation framework

RouterSploit

Router exploitation framework

ShellNoob

Shellcode writing toolkit

ysoserial

Java deserialization exploit generator

Ropper

ROP gadget finder

Commix

Command injection exploitation tool

Exploit-DB

Public exploit database

Pwntools

CTF framework and exploit library

SearchSploit

CLI for Exploit-DB

XSSer

Cross-site scripting framework

Post-Exploitation

9 tools

Tools for maintaining access, privilege escalation, and lateral movement after initial compromise.

Empire

Post-exploitation PowerShell/Python agent

Pupy

Cross-platform remote administration tool

Bloodhound

Active Directory relationship mapper

Mimikatz

Windows credential extraction

Dnscat2

DNS-based C2 channel

Koadic

Windows post-exploitation rootkit

Meterpreter

Metasploit advanced payload

BeRoot

Privilege escalation checker

Pwncat

Post-exploitation platform

Wireless Attacks

7 tools

Tools for auditing wireless network security including Wi-Fi, Bluetooth, and RF protocols.

Aircrack-ngGuide

Wi-Fi security auditing suite

Kismet

Wireless network detector and sniffer

PixieWPS

Offline WPS brute-force tool

Wifite

Automated wireless attack tool

Reaver

WPS brute force attack tool

airgeddon

Multi-use wireless auditing script

wifipumpkin3

Rogue access point framework

Web App Testing

5 tools

Web application penetration testing tools for finding and exploiting web vulnerabilities.

Burp SuiteGuide

Web vulnerability scanner & proxy

OWASP ZAP

Open-source web app scanner

Arachni

Web application security framework

Wfuzz

Web application fuzzer

Skipfish

Active web app security reconnaissance

Mobile Security

10 tools

Mobile application security testing tools for Android and iOS platforms.

Drozer

Android security assessment framework

Androguard

Android application analysis

Frida

Dynamic instrumentation toolkit

MobSF

Mobile security framework

MASTG

OWASP mobile application security testing

NetHunter

Kali Linux mobile penetration testing

Android Tamer

Android security VM

Apktool

Android APK reverse engineering

Quark Engine

Android malware scoring system

bettercap

Network, WiFi, and BLE reconnaissance

Reverse Engineering

3 tools

Binary analysis, disassembly, and reverse engineering tools for malware analysis and exploit research.

Radare2

Reverse engineering framework

Ghidra

NSA reverse engineering suite

Angr

Binary analysis platform

Reporting

6 tools

Vulnerability management, documentation, and reporting tools for professional security assessments.

Dradis

Collaboration and reporting platform

Faraday

Collaborative penetration testing IDE

Serpico

Penetration testing report generator

DefectDojo

Vulnerability management platform

MagicTree

Penetration testing data management

Lair-framework

Collaborative penetration testing