# Hacker Roadmap This repository is a summary of hacking tools to practice ethical hacking, pen testing and web security. Most of these tools are UNIX compatible and MIT licensed. ## Tools by category #### :male_detective: Information Gathering Information Gathering tools allows you to collect host metadata about services and users. Check informations about a domain, IP address, phone number or an email address. - [Th3inspector](https://github.com/Moham3dRiahi/Th3inspector) **Perl** | `Linux/Windows/MacOS` | All in one tool for Information Gathering written in Perl. - [Crips](https://github.com/Manisso/Crips) **Python** | `Linux/Android` | IP Tools To quickly get information about IP Address's, Web Pages and DNS records. #### :lock: Password Attacks Crack passwords and create wordlists. ... #### :globe_with_meridians: Wireless Testing Used for intrusion detection and wifi attacks. - [Aircrack](https://github.com/aircrack-ng/aircrack-ng) **C** | `Linux/Windows/MacOS` | WiFi security auditing tools suite. #### :wrench: Exploitation Tools Acesss systems and data with service-oriented exploits. - [SQLmap](https://github.com/sqlmapproject/sqlmap) **Python** | `Linux/Windows/MacOS` | Automatic SQL injection and database takeover tool. - [XSStrike](https://github.com/UltimateHackers/XSStrike) **Python** | `Linux/Windows/MacOS` | Advanced XSS detection and exploitation suite. #### :busts_in_silhouette: Sniffing & Spoofing Listen to network traffic or fake a network entity. ... #### :rocket: Web Hacking Exploit popular CMSs that are hosted online. - [WPScan](https://github.com/wpscanteam/wpscan) **Ruby** | `Linux/Windows/MacOS` | WPScan is a black box WordPress vulnerability scanner. - [Droopescan](https://github.com/droope/droopescan) **Python** | `Linux/Windows/MacOS` | A plugin-based scanner to identify issues with several CMSs, mainly Drupal & Silverstripe. - [Joomscan](https://github.com/rezasp/joomscan) **Perl** | `Linux/Windows/MacOS` | Joomla Vulnerability Scanner. #### :zap: Private Web Hacking Access files and databases. ... #### :tada: Post Exploitation Exploits for after you have already gained access. ... #### :package: Frameworks Frameworks are packs of pen testing tools with custom shell navigation and documentation. - [Metasploit](https://github.com/rapid7/metasploit-framework) **Ruby** | `Linux/Windows/MacOS` | A penetration testing framework for ethical hackers. - [fsociety](https://github.com/Manisso/fsociety) **Python** | fsociety Hacking Tools Pack – A Penetration Testing Framework. - [cSploit](https://github.com/cSploit/android) **Java** | `Android` | The most complete and advanced IT security professional toolkit on Android.