π οΈ Kostenlose Tools
Sicherheitstools fΓΌr Bildung und autorisierte Tests
β οΈ Rechtlicher Hinweis
Die auf dieser Website bereitgestellten Tools dienen ausschliesslich zu Bildungszwecken und autorisierten Sicherheitstests in kontrollierten Lab-Umgebungen. Mit dem Herunterladen oder der Nutzung eines Tools bestΓ€tigen Sie, dass Sie eine ausdrΓΌckliche schriftliche Genehmigung zum Testen des Zielsystems besitzen. Die unbefugte Nutzung ist illegal und kann strafrechtliche Konsequenzen haben. Der Autor ΓΌbernimmt keine Verantwortung.
No tools found matching your search.
π§ Interne Tools
Cognix Any Converter
Utility
My IP Checker
Network
Random Password Generator Pro
Security
Advanced Infrastructure Scanner
Pentest
Web Application Scanner
Pentest
Get System and All Privs
PowerShell
Web Method Inspector
Web
Yara Pro Rule Generator
DFIR
Wifi Password Viewer
Network
BMI Calculator
Utility
Webpage Link Parser
Web
Cipher Decode
Crypto
π Externe Tools
πΊ Enumeration & Privilege Escalation
WinPEAS β
Automated Windows privilege escalation enumeration script
LinPEAS β
Automated Linux privilege escalation enumeration script
Seatbelt β
Windows host enumeration and security checks for post-exploitation
PowerUp β
PowerShell script for Windows privilege escalation checks
SharpUp β
C# port of PowerUp for Windows privilege escalation enumeration
JAWS β
PowerShell script for Windows enumeration and privilege escalation
PrivescCheck β
PowerShell script to enumerate common Windows privesc vectors
Watson β
Enumerate missing patches for local privilege escalation vulnerabilities
WES-NG β
Windows Exploit Suggester Next Generation β identifies missing patches
Sherlock β
PowerShell script to find missing patches for privilege escalation
Windows Exploit Suggester β
Identifies missing patches and suggests exploits based on systeminfo
EnableAllTokenPrivs β
PowerShell script to enable all available token privileges
psgetsys (GetSystem) β
PowerShell parent process spoofing for SYSTEM shell via SeDebugPrivilege
accesschk β
Sysinternals tool to check object permissions β services, files, registry
π₯ Potato Attacks β SeImpersonate
GodPotato β
Universal SeImpersonate privilege escalation via DCOM/RPC
PrintSpoofer β
SeImpersonate exploit abusing the Print Spooler service
JuicyPotato β
SeImpersonate/SeAssignPrimaryToken exploit via DCOM (pre-1809)
RoguePotato β
SeImpersonate privilege escalation for Windows Server 2019+
SweetPotato β
Collection of Potato exploits bundled into one tool
incognito β
Token impersonation and manipulation for privilege escalation
π Credential Dumping & Password Recovery
Mimikatz β
Credential dumping tool for Windows authentication secrets
pypykatz β
Python implementation of Mimikatz for offline LSASS dump parsing
LaZagne β
Password recovery tool for locally stored credentials
SessionGopher β
Extracts saved session credentials from WinSCP, PuTTY, RDP and more
lsassy β
Remote LSASS dump and credential extraction via various methods
nanodump β
Stealthy LSASS minidump with AV/EDR evasion techniques
secretsdump β
Impacket tool to dump SAM, LSA secrets and NTDS.dit remotely
HiveNightmare β
CVE-2021-36934 β read SAM/SYSTEM/SECURITY hives as low-priv user
Hashcat β
Advanced GPU-based password hash cracking tool
John the Ripper β
Classic CPU-based password hash cracking tool
Responder β
LLMNR/NBT-NS poisoner for credential capture on local networks
Inveigh β
PowerShell LLMNR/SMB credential capture and relay tool
ποΈ Active Directory
BloodHound β
Active Directory attack path visualization and analysis
SharpHound β
BloodHound data collector β enumerates AD objects and relationships
PowerView β
PowerShell-based AD enumeration and situational awareness tool
Snaffler β
Finds credentials and sensitive files on Windows file shares
ldapdomaindump β
Dumps AD information via LDAP into readable HTML/JSON/CSV files
windapsearch β
Python script for AD enumeration via unauthenticated LDAP queries
ADRecon β
PowerShell AD reconnaissance tool with Excel report output
PingCastle β
AD security assessment and risk scoring tool
mssqlclient (Impacket) β
Python toolkit for network protocols including MSSQL client
PowerUpSQL β
PowerShell toolkit for MSSQL server enumeration and privilege escalation
π« Kerberos Attacks
Rubeus β
C# Kerberos toolset β AS-REP roasting, Kerberoasting, ticket manipulation
kerbrute β
Fast Kerberos username enumeration and password spraying tool
GetUserSPNs (Impacket) β
Kerberoasting β requests TGS tickets for SPN accounts
GetNPUsers (Impacket) β
AS-REP Roasting β get hashes for accounts without pre-auth
ticketer (Impacket) β
Creates Golden and Silver Kerberos tickets for persistence
targetedKerberoast β
Targeted Kerberoasting by abusing GenericWrite/GenericAll ACLs
KrbRelay β
Kerberos relay attacks for local privilege escalation via DCOM
βοΈ Lateral Movement
Evil-WinRM β
WinRM shell for pentesting with built-in upload/download and scripts
CrackMapExec β
Swiss army knife for SMB/WinRM/LDAP lateral movement and spraying
psexec (Impacket) β
Remote code execution via SMB named pipes as SYSTEM
wmiexec (Impacket) β
Semi-interactive shell via WMI β no service installation required
smbexec (Impacket) β
Remote command execution via SMB service creation
xfreerdp β
Cross-platform RDP client for remote desktop connections
πͺ DLL Hijacking
Process Monitor (ProcMon) β
Sysinternals β monitor file system, registry and process activity in real time
Robber β
Finds executables vulnerable to DLL hijacking via PATH analysis
DLLSpy β
CyberArk tool to detect DLL hijacking vulnerabilities in running processes
hollows_hunter β
Scans running processes for injected code and hollowed modules
pe-sieve β
Scans a process for replaced or injected PE modules
π‘ Network Scanning & Discovery
Nmap β
Industry-standard network scanner for host discovery and port scanning
Masscan β
Fastest TCP port scanner β scans the entire internet in under 6 minutes
RustScan β
Modern port scanner β finds open ports in seconds, hands off to Nmap
nbtscan β
Scans networks for NetBIOS name information
netdiscover β
Active/passive ARP reconnaissance tool for local networks
arp-scan β
Send ARP requests to enumerate hosts on local network segments
π» AV Evasion / OPSEC
amsi.fail β
Online generator for AMSI bypass snippets β obfuscated PowerShell
Invoke-Obfuscation β
PowerShell script obfuscation framework with multiple techniques
DefenderCheck β
Identifies which bytes in a binary trigger Windows Defender
Donut β
Converts PE/DLL/.NET to position-independent shellcode for injection
Veil β
Payload generator framework for AV-evading executables
ScareCrow β
EDR-evading payload framework using side-loading and code signing
Freeze β
Payload toolkit for bypassing EDR solutions using suspended processes
π§ Linux Privilege Escalation
LinPEAS β
Automated Linux/Unix privilege escalation enumeration script
LinEnum β
Linux enumeration and privilege escalation checks shell script
linux-exploit-suggester β
Suggests kernel exploits based on current kernel version
linux-exploit-suggester-2 β
Next-generation Linux kernel exploit suggester in Perl
pspy β
Monitor Linux processes without root β spot cron jobs and scripts
GTFOBins β
Curated list of Unix binaries that can bypass local security restrictions
sudo_killer β
Tool to identify and exploit sudo misconfigurations
unix-privesc-check β
Shell script to check for misconfigurations on Unix systems
πΉοΈ Post-Exploitation / C2 Frameworks
Metasploit Framework β
The industry-standard exploitation and post-exploitation framework
Sliver β
BishopFox open-source C2 framework with mTLS/WireGuard/HTTP transport
Havoc β
Modern C2 framework with evasion-focused Windows agent (Demon)
Covenant β
.NET-based collaborative C2 framework with web UI
Empire β
Post-exploitation framework with PowerShell, Python and C# agents
Mythic β
Modular C2 framework with Docker-based agents and web interface
π¬ Forensics & Utilities
Eric Zimmerman's Forensic Tools β
Collection of forensic tools for Windows artifact analysis
Sysinternals Suite β
Microsoft toolkit for Windows system administration and analysis
HxD Hex Editor β
Free hex editor for binary file analysis
MalwareBazaar β
Malware sample sharing and threat intelligence platform
YARA Rule Writing β
Documentation for writing YARA malware detection rules
SQLite Browser β
Visual tool to create and edit SQLite databases
XAMPP β
Local Apache, MySQL and PHP development environment
Reverse Shell Generator β
Online generator for reverse shell one-liners
MXToolbox β
DNS, MX and network diagnostic tools
LastPass Password Generator β
Online secure password generator
CyberChef β
GCHQ web app for encoding, decoding, encryption and data analysis
VirusTotal β
Online file and URL analysis against 70+ AV engines
ANY.RUN β
Interactive online malware sandbox for Windows and Linux samples