Must-Haves
A curated collection of essential tools and resources for Windows and general pentesting. These tools form the foundation of a well-equipped ethical hacking toolkit.
Windows Pentesting Essentials
PowerShell Empire
Post-ExploitationPost-exploitation framework for Windows environments with extensive module support.
Mimikatz
Credential AccessCredential extraction tool for Windows authentication mechanisms.
BloodHound
EnumerationActive Directory attack path visualization and enumeration tool.
Rubeus
WindowsKerberos abuse toolkit for Windows domain environments.
SharpHound
EnumerationData collector for BloodHound, gathers information about Active Directory.
WinPEAS
Privilege EscalationWindows privilege escalation enumeration script with comprehensive checks.
Linux Tools
LinPEAS
Privilege EscalationLinux privilege escalation enumeration script with automated checks.
GTFOBins
ReferenceCurated list of Unix binaries that can be exploited for privilege escalation.
Linux Exploit Suggester
Privilege EscalationTool to identify potential privilege escalation vectors on Linux systems.
pspy
EnumerationMonitor Linux processes without root permissions for privilege escalation.
Browser Extensions
FoxyProxy
Web TestingAdvanced proxy management tool for browser-based testing workflows.
Wappalyzer
EnumerationIdentify web technologies and frameworks used by target applications.
Cookie Editor
Web TestingView and modify browser cookies for session manipulation testing.
User-Agent Switcher
Web TestingChange browser user agent strings for testing different client scenarios.
Useful Cheat Sheets
PayloadsAllTheThings
ReferenceComprehensive collection of payloads and bypass techniques for various vulnerabilities.
HackTricks
ReferenceExtensive documentation covering pentesting methodologies and techniques.
OSCP Cheat Sheet
ReferenceQuick reference guide for common enumeration and exploitation commands.
Reverse Shell Cheat Sheet
ReferenceCollection of reverse shell payloads for various programming languages.