Hacking tools + Uses +Download location [Aluf]

baqar Apr 1st, 2019 185 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  2. link :
  4. 2.Wegilant's BlackHound
  5. link :
  7. 3.IP-Digger v 3.0 The WeB Xploit3r Released by Team FreaK Coderz
  9. IP- Digger is free pentesting and exploiting tool coded by two young indian Programmers and Hackers
  10. Commonly known as Manoj Nath ( Silent Hacker ) and Gurender Singh ( Un_noN ) .
  11. After the successful release of their previous two version so called
  12. <^> IP-Digger v1.0 :- The Initial Beginning
  13. Download Link :-
  15. <^> IP-Digger v2.0 :- The Disaster
  16. Now The Freak Coderz team has released the Ip-Digger v3.0 The WeB Xploit3r whic includes all new features
  17. which a hacker required while exploiting a website .
  18. It is tool used when you are not able to take down or hack the main website but by this tool you can get the server access.
  19. Itz all user friendly and It is free for all =))
  20. Features Of IP-DiggEr v3.0 The WeB Xploit3r
  21.  PHP Server Based
  22. 1 - SQLI Websites        [+] Advance Search Mode Added
  23. 2 - XSS Websites         [+] Advance Search Mode Added
  24. 3 - LFI Websites         [+] Advance Search Mode Added
  25. 4 - RFI Websites         [+] Advance Search Mode Added
  26. 5 - Admin Panels         [+] Advance Search Mode Added
  27. 6 - Upload Vulnerability [+] Advance Search Mode Added
  28.  ASP Server Based
  29. 7 - ASP SQLI Websites         [+] Advance Search Mode Added
  30. 8 - ASP XSS Websites          [+] Advance Search Mode Added
  31. 9 - ASP Admin Panels          [+] Advance Search Mode Added
  32. 10 - ASP Upload Vulnerability [+] Advance Search Mode Added
  33.  Website Related Tools
  34. 11 - Wordpress Website Finder
  35. 12 - Joomla Website Finder
  36. 13 - Sub Domain Scanner                    [+] New Feature Added  
  37. 14 - Web Terminator ( DDos Attack )        [+] New Feature Added
  38. 15 - IP Resolver                           [+] New Feature Added
  39. 16 - NS Lookup                             [+] New Feature Added
  40. 17 - Joomla Website Vulnerability Scanner  [+] New Feature Added
  41. Ip- DiggEr v3.0 The WeB Xploit3r Download Link :-
  46. 4. || Project IP-Digger v2.0 released by Team Freak Coderz ||
  48. IP Digger is a free pentesting tool for finding the Vulnerable websites on the Particular IP Address Given By the Attacker :) . As it is the first tool of the Freak Coderz first =))
  49. It works perfectly on Backtrack 5 r3 :))
  50. Author :- Manoj Nath ( Silent Hacker )
  51. Project Name :- IP-Digger v2.0
  53. IP-Digger is for the Hackers or we can pentesters or the web admins who want to find the vulnerable websites if they have the Shared hosting. This tool can minimize the risk of getting hacked by finding the Several Vulnerable websites.
  54. For Hackers it is a great tool for finding the vulnerable website in their Target and exploit it and then Easily defacing :)
  55. Tool Name :- IP-Digger v2.0 The Disaster
  56. Coded by :- Manoj Nath aka Silent Hacker ( INDIAN HACKER )
  57. Features of IP - Digger
  58. 1) ADVANCE SQLI Vulnerable Website Finder
  59. 2) ADVANCEXSS Vulnerable Website Finder
  60. 3) ADVANCELFI Vulnerable Website Finder
  61. 4) ADVANCERFI Vulnerable Website Finder
  62. 5) ADVANCE Admin Panels
  63. 6) ADVANCE Upload Vulnerability sites finder
  65.  Joomla and Wordpress website finder
  66. 9 BUgs LeeCher section added
  67. Download Link :-
  71. 5.winAUTOPWN v3.0 Released - System vulnerability exploitation
  72. Framework
  74. WINAUTOPWN ACTIVE SYSTEMS TRANSGRESSOR GUI [ C4 - WAST ] is a Systems and Network Exploitation Framework built on the famous winAUTOPWN as a backend.  
  75. C4 - WAST gives users the freedom to select individual exploits and use them.
  76. BSDAUTOPWN has been compiled, like always for various flavours and has been upgraded to version 1.8 alongwith all applicable exploits
  77. WINAUTOPWN requires PERL,PHP,PYTHON,RUBY and its dependencies alongwith a few others' too for smooth working of exploits included in it.
  78. link:
  80. 6.The Mole: Automatic SQL Injection Exploitation Tool
  83. Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a Boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily.
  84. link:
  86. 7.Sqlninja 0.2.6
  89. Features:
  91.  >> Fingerprint of the remote SQL Server (version, user performing the queries, user privileges, xp_cmdshell availability, DB authentication mode)
  92. >>  Bruteforce of 'sa' password (in 2 flavors: dictionary-based and incremental).
  93. >> Creation of a custom xp_cmdshell if the original one has been removed
  94. >> Upload of netcat (or any other executable) using only normal HTTP requests (no FTP/TFTP needed).
  95. >> TCP/UDP portscan from the target SQL Server to the attacking machine, in order
  96. to find a port that is allowed by the firewall of the target network
  97. and use it for a reverse shell.
  98. >> Direct and reverse bindshell, both TCP and UDP
  99. >> ICMP-tunneled shell, when no TCP/UDP ports are available for a direct/reverse
  100. shell but the DB can ping your box.
  101. >> DNS-tunneled pseudo-shell, when no TCP/UDP ports are available for
  102.  a direct/reverse shell, but the DB server can resolve external hostnames
  103.  (check the documentation for details about how this works).
  104. >> Evasion techniques to confuse a few IDS/IPS/WAF.
  105. >> Integration with Metasploit3, to obtain a graphical access to the remote DB
  106.  server through a VNC server injection.
  108. link:
  110. 8.HexorBase - The DataBase Hacker Tool
  112. To Audit Management and Multiple Databases
  116. HexorBase is a database application designed for management and audit multiple database servers simultaneously from a single location, is able to perform SQL queries and brute force attacks against servers common database ( MySQL, SQLite, Microsoft
  117. SQL Server, Oracle, PostgreSQL ).
  118. This tool is simple to use and very practical, may have to know a little SQL, but the basics.
  121. HexorBase runs on Linux and presumably Windows, and requires:
  123. python-qt4 python python-MySQLdb cx_Oracle python-psycopg2 python-python-qscintilla2 pymssql
  124.  To install it you must download and from the console:
  126. root @ host: ~ # dpkg-i hexorbase_1.0_all.deb
  129. Project website and download HexorBase:
  135. 9.Net Tools 5.0 (Net Tools 5.x)
  139. This tools is a hacker friendly. Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET.
  140. There has a 175 tools list in one software.. Tools Content
  141.  link :
  143. 10.ARPwner – ARP & DNS Poisoning Attack Tool
  145. ARPwner is a tool to do ARP poisoning and DNS poisoning attacks, with a simple GUI and
  146. a plugin system to do filtering of the information gathered, also has a implementation of SSLstrip and is coded in python.
  148. link:
  150. 11.Intercepter Sniffer
  152. Intercepter is a sniffer tool which offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/
  154. AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
  156. link:
  158. 12.Havij v1.15 Advanced SQL Injection
  160. Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
  162.  link :
  164. 13.Ani-Shell
  168. Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization.
  170. Customisation
  171. 1. Email Trace back is set to Off as default and emails will not be sent , If you are setting
  172. this feature on make sure you change the default email address (
  173.  to Your email address , Please Change it before using.
  174. 2. Username and Passwords are set to lionaneesh and lionaneesh respectively , Please change them for better
  175. security.
  176. 3. As a default Lock Mode is set to on! This should not be change unless you want your shell exposed.
  178. Default Login
  179. Username : lionaneesh
  180. Password : lionaneesh
  182. Features
  183.     Shell
  184.     Platform Independent
  185.     Mass - Mailer
  186.     Small Web-Server Fuzzer
  187.     DDoser
  188.     Design
  189.     Secure Login
  190.     Deletion of Files
  191.     Bind Shell
  192.     Back Connect
  193.     Fixed Some Coding errors!
  194.     Rename Files
  195.     Encoded Title
  196.     Traceback (Email Alerts)
  197.     PHP Evaluate
  198.     Better Command Execution (even supports older version of PHP)
  199.     Mass Code Injector (Appender and Overwriter)
  200.     Lock Mode Customization
  202. Latest Version Addition
  203.     Mail Bomber (With Less Spam detection feature)
  204.     PHP Decoder
  205.     Better Uploader
  206.     Fixed some Coding errors
  207.  link :
  209. 14.SQL MAP 0.9                                        
  213. sqlmap 0.9 has been released and has a considerable amount of changes including an almost entirely re-written SQL Injection detection engine.
  215. Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Its a good tools for find Sql Vulnerability.
  217. New Features/Changes-->
  219. Rewritten SQL injection detection engine (Bernardo and Miroslav).
  220. Support to directly connect to the database without passing via a SQL injection, -d switch (Bernardo and Miroslav).
  221. Added full support for both time-based blind SQL injection and error-based SQL injection techniques (Bernardo and Miroslav).
  222. Implemented support for SQLite 2 and 3 (Bernardo and Miroslav).
  223. Implemented support for Firebird (Bernardo and Miroslav).
  224. Implemented support for Microsoft Access, Sybase and SAP MaxDB (Miroslav).
  225. Added support to tamper injection data with –tamper switch (Bernardo and Miroslav).
  226. Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack (Miroslav).
  227. Added support to fetch unicode data (Bernardo and Miroslav).
  228. Added support to use persistent HTTP(s) connection for speed improvement, –keep-alive switch (Miroslav).
  229. Implemented several optimization switches to speed up the exploitation of SQL injections (Bernardo and Miroslav).
  230. Support to parse and test forms on target url, –forms switch (Bernardo and Miroslav).
  231. Added switches to brute-force tables names and columns names with a dictionary attack, –common-tables and –common-columns.
  233.  link :
  235. 15.DRIL – Domain Reverse IP Lookup Tool:
  239. DRIL (Domain Reverse IP Lookup) Tool is a Reverse Domain Tool that will really be useful for penetration testers to find out the domain names which are listed in the the target host, DRIL is a GUI, JAVA based application which uses a Bing API key.
  241. DRIL has a simple user friendly interface which will be helpful for penetration tester to do their work fast without a mess, this is only tested on Linux but as it is JAVA it should work on Windows too.
  242. There are various other tools which carry out similar tasks..
  244.  link :
  246. 16.Burp Suite
  247. Last update: 5th April 2015
  249. Burp Suite has several features that can help the penetration tester or ethical hacker. Two commonly used applications used within this tool include the 'Burp Suite Spider' which can enumerate and map out the various pages and parameters of a web site by examining cookies and initiates connections with these web applications, and the 'Intruder' which performs automated attacks on web applications.
  251. Burp Suite is an excellent web hacking tool that many pentesters use to test the vulnerability of websites and web applications. Burp suite works by using detailed knowledge of the application that has been targeted within the HTTP protocol. The tool works through an algorithm that is configurable and that can generate malicious attacking HTTP requests that a hacker would use. Burp Suite is particularly useful for discovering vulnerabilities such as SQL injections and cross-site scripting.
  253.  link:
  255. 17.Metasploit
  256. Last update: 5th April 2015
  258. The Metasploit Project, or better known as simply '' is a hugely popular pentesting or hacking tool that is used by cybersecurity professionals and ethical hackers. Metasploit is essentially a computer security project that supplies information about known security vulnerabilities and helps to formulate penetration testing and IDS testing.
  260. Metasploit is in fact a sub-project of the Metasploit Framework. This hacker tool and framework is best known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework.
  262.  link :
  264. 18.Angry IP Scanner
  265. Last update: 5th April 2015
  267. Angry IP Scanner, also known as 'ipscan' is a freely available (open-source and cross-platform) hacking network scanner that is both fast and easy to use. The main purpose of this hacking tool is to scan IP addresses and ports to find open doors and ports. Worth noting that Angry IP Scanner also has a bunch of othere uses as well. Common users of this hacking tool includes network administrators and system engineers.
  269.  link :
  271. 19.Kali Linux
  272. Last update: 5th April 2015
  274. Although not really a 'hacking tool' we receive a lot of traffic on this popular Linux Distro. Kali Linux contains all the tools listed in our hacker tools list within a stable enviornment and was re-launched several years back from the previous BackTrack project. The Linux Distrobution is very well supported and has an excellent community.
  276.  link :
  278. 20.Snort
  279. Last update: 5th April 2015
  281. Snort is an awesome hacking and network tool that can be configured in one of three modes: it can either be used as a sniffer, packet logger, or within network intrusion detection. In the (more commonly used) sniffer mode, this hackers program will read (sniff) network packets and display them on a GUI. In the packet logger mode, Snort will audit and log packets to the disk. In intrusion detection mode, Snort monitors network traffic and analyzes it against a rule set defined by the user.
  283.  link :
  285. 21.Cain & Abel
  286. Last update: 5th April 2015
  288. Cain &Abel is a password recovery tool that is mostly used for Microsoft Operating Systems. This popular hacking tool allows the user to seek the recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks. Cain, as it is often referred to, can also record VoIP conversations, decode hashed scrambled passwords, recover wireless network keys and more! If you need a solid password cracking platform then look no further, Cain is certainly your friend.
  290.  link :
  292. 22.THC Hydra
  293. Last update: 5th April 2015
  295. Although often considered as yet another password cracker, THC Hydra is hugely popular and has a very active and experienced development team. Essentially THC Hydra is a fast and stable Network Login Hacking Tool that will use dictionary or brute-force attacks to try various password and login combinations against an log in page. This hacking tool supports a wide set of protocols including Mail (POP3, IMAP, etc.), Databases, LDAP, SMB, VNC, and SSH.
  297.  link :
  299. 23.Ettercap
  300. Last update: 5th April 2015
  302. Ettercap has a huge following and is widely used by cybersecurity professionals. Ettercap works by placing the users network interface into promiscuous mode and by ARP poisoning the target machines, i.e. facilitating a 'Main In The Middle' or MITM attack. Once successfull Ettercap (and the hacker) can deploy various attacks on the victims. A popular feature about Ettercap is its' ability to support various plugins.
  304.  link :
  306. 24.John The Ripper
  307. Last update: 5th April 2015
  309. John the Ripper is a popular password cracking pentesting tool that is most commonly used to perform dictionary attacks. John the Ripper takes text string samples (from a text file, referred to as a wordlist, containing popular and complex words found in a dictionary or real passwords cracked before), encrypting it in the same way as the password being cracked (including both the encryption algorithm and key), and comparing the output to the encrypted string. This tool can also be used to perform a variety of alterations to dictionary attacks.
  311. In addition, John also offers a bunch of brute force options using frequency tables to try plaintexts containing more frequently used characters.
  313.  link :
  315. 25.Wapiti
  317. Wapiti has a very loyal following. As a pentesting tool (or framework) Wapiti is able to scan and detect hundreds of possible vulnerabilities. Essentially this Multi Purpose Hacker Tools can audit the security of web applications by performing "black-box" scans, i.e. it does not study the source code of the application but will scan the HTML pages of the application seeking scripts and forms where it can inject data.
  319.  link :
  321. 26. Aircrack
  323. Aircrack is one of the most popular wireless passwords cracking tools which you can use for 802.11a/b/g WEP and WPA cracking. Aircrack uses the best algorithms to recover wireless passwords by capturing packets. Once enough packets have been gathered, it tries to recover the password. To make the attack faster, it implements a standard FMS attack with some optimizations.
  325. The company behind the tool also offers an online tutorial where you can learn how to install and use this tool to crack wireless passwords. It comes as Linux distribution, Live CD and VMware image options. You can use any of these. It supports most of the wireless adapters and is almost guaranteed to work. If you are using a Linux distribution, the only drawback of the tool is that it requires deeper knowledge of Linux. If you are not comfortable with Linux, you will find it hard to use this tool. In this case, try Live CD or VMWare image. VMWare Image needs less knowledge, but it only works with a limited set of host OS, and only USB devices are supported.
  327. Before you start using this too, confirm that the wireless card can inject packets. Then start WEP cracking. Read the online tutorial on the website to know more about the tool. If you will follow steps properly, you will end up getting success with this tool.
  329. Download:
  331. 27. AirSnort
  333. AirSnort is another popular tool for decrypting WEP encryption on a wi-fi 802.11b network. It is a free tool and comes with Linux and Windows platforms. This tool is no longer maintained, but it is still available to download from Sourceforge. AirSnort works by passively monitoring transmissions and computing encryption keys once it has enough packets received. This tool is simple to use. If you are interested, you can try this tool to crack WEP passwords.
  335. Download:
  337. 28. Cain & Able
  339. Cain & Able is a popular password cracking tool. This tool is developed to intercept network traffic and then discover passwords by bruteforcing the password using cryptanalysis attack methods. It can also recover wireless network keys by analyzing routing protocols. It you are trying to learn wireless security and password cracking, you should once try this tool.
  341. Download:
  343. 29. Kismet
  345. Kismet is the wi-fi 802.11 a/b/g/n layer2 wireless network sniffer and IDS. It works with any wi-fi card which supports rfmon mode. It passively collects packets to identify networks and detect hidden networks. It is built on client/server modular architecture. It is available for Linux, OSX, Windows and BSD platforms.
  347. Download:
  349. 30. NetStumbler
  351. NetStumbler is a popular Windows tool to find open wireless access points. This tool is free and is available for Windows. A trimmed down version of the tool is also available. It is called MiniStumbler.
  353. Basically NetStumblet is used for wardriving, verifying network configurations, finding locations with a poor network, detecting unauthorized access points, and more.
  355. But the tool also has a big disadvantage. It can be easily detected by most of the wireless intrusion detection systems available. This is because it actively probes a network to collect useful information. Another disadvantage of the tool is that it does not work properly with the latest 64 bit Windows OS. This is because the tool was last updated back in April 2004. It has been around 11 years since the last stable release of the tool.
  357. Download Netstumbler:
  359. 31. inSSIDer
  361. inSSIDer is a popular Wi-Fi scanner for Microsoft Windows and OS X operating systems. Initially the tool was opensource. Later it became premium and now costs $19.99. It was also awarded as “Best Opensource Software in Networking”. The inSSIDer wi-fi scanner can do various tasks, including finding open wi-fi access points, tracking signal strength, and saving logs with GPS records.
  363. Download inSSIDer:
  365. 32. WireShark
  367. WireShark is the network protocol analyzer. It lets you check what is happening in your network. You can live capture packets and analyze them. It captures packets and lets you check data at the micro-level. It runs on Windows, Linux, OS X, Solaries, FreeBSD and others. WireShark requires good knowledge of network protocols to analyze the data obtained with the tool. If you do not have good knowledge of that, you may not find this tool interesting. So, try only if you are sure about your protocol knowledge.
  369. Download Wireshark:
  371. 33. CoWPAtty
  373. CoWPAtty is an automated dictionary attack tool for WPA-PSK. It runs on Linux OS. This program has a command line interface and runs on a word-list that contains the password to use in the attack.
  375. Using the tool is really simple, but it is slow. That’s because the hash uses SHA1 with a seed of SSID. It means the same password will have a different SSIM. So, you cannot simply use the rainbow table against all access points. So, the tool uses the password dictionary and generates the hack for each word contained in the dictionary by using the SSID.
  377. The new version of the tool tried to improve the speed by using a pre-computed hash file. This pre-computed file contains around 172000 dictionary file for around 1000 most popular SSIs. But if your SSID is not in those 1000, you are unlucky.
  379. Download CoWPAtty:
  381. 34. Airjack
  383. Airjack is a Wi-Fi 802.11 packet injection tool. This wireless cracking tool is very useful in injecting forged packets and making a network down by denial of service attack. This tool can also be used for a man in the middle attack in the network.
  385. Download AirJack:
  387. 35. WepAttack
  389. WepAttack is an open source Linux tool for breaking 802.11 WEP keys. This tool performs an active dictionary attack by testing millions of words to find the working key. Only a working WLAN card is required to work with WepAttack.
  391. Download WebAttack:
  393. 36. OmniPeek
  395. OmniPeek is another nice packet sniffer and network analyzer tool. This tool is commercial and supports only Windows operating systems. This tool is used to capture and analyze wireless traffic. But it requires you to have good knowledge of protocols to properly understand things. A good thing is that the tool works with most of the network interface cards available in market. This tool is used for network troubleshooting. This tool also supports plugins, and 40 plugins are already available to extend the features of the tool.
  397. Download:
  399. 37. CommView for WiFi
  401. CommView for WiFi is another popular wireless monitor and packet analyzer tool. It comes with an easy to understand GUI. It works fine with 802.11 a/b/g/n/ac networks. It captures every packet and displays useful information as a list. You can get useful information like access points, stations, signal strength, network connections and protocol distribution.
  403. Captured packets can be decrypted by user-defined WEP or WPA keys.
  405. This tool is basically for wi-fi network admins, security professionals, and home users who want to monitor their wi-fi traffic and programmers working on software for wireless networks.
  407. Download CommView:
  409. 38. CloudCracker
  411. CloudCracker is the online password cracking tool for cracking WPA protected wi-fi networks. This tool can also be used to crack different password hashes. Just upload the handshake file, enter the network name and start the tool. This tool has a huge dictionary of around 300 million words to perform attacks.
  413. Try Cloudcracker:
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand