A comprehensive list of the tools that I use as part of my cybersecurity toolkit.

OSINT

• Spiderfoot OSINT
• Shodan
• Maltego
• TheHarvester

Red Team

Scanning Tools

• Masscan
• Cewl
• OpenVAS
• Zmap

Web Application Analysis

• Burp Suite
• Nikto
• SQL Map
• OWASP ZAP
• WPScan

Network Penetration Testing

• Nmap
• Wireshark
• Netcat
• Hydra
• Nessus
• John the Ripper
• Metasploit
• Tcpdump

Wireless Penetration Testing

• WiFite
• Aircrack-ng
• Kismet

Cloud Security Testing

• Scout Suite
• Pacu
• CloudSploit
• Cloud Security Suite
• AWS Security Toolkit

Social Engineering Tools

• GoPhish
• Social-Engineer Toolkit (SET)
• King Phisher

Blue Team

Data Visualization and Logging

• Splunk
• ELK Stack (Elasticsearch, Logstash, Kibana)
• Graylog
• Grafana

Endpoint Monitoring

• VMWare Carbon Black
• Velociraptor
  • Within velociraptor, Artifact collection and deployment is super powerful.
• OSSEC
• CrowdStrike Falcon

Network Monitoring

• Corelight
• Zeek
• Wireshark

Malware Analysis

• Mr. Majestic
• Yara
• Cuckoo Sandbox
• Ghidra

Forensics

• Volatility (Used for memory forensics)
• Regshot (Registry Forensics)
• Autopsy
• FTK Imager
• binwalk
• exiftool

Incident Response

• MISP (threat intelligence and sharing platform)
• TheHive (scalable 4-in-1 open source platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents)

Security Orchestration, Automation, and Response (SOAR)

• Demisto
• Swimlane
• Siemplify

Security Information and Event Management (SIEM)

• QRadar
• LogRhythm
• AlienVault OSSIM

Threat Intelligence

• ThreatConnect
• Anomali ThreatStream
• Recorded Future

Vulnerability Management

• OpenVAS
• Nessus
• Nexpose

Security Configuration Management

• Ansible
• Chef
• Puppet

Firewall and IDS/IPS

• pfSense
• Snort
• Suricata

Password Cracking

• Hashcat
• John the Ripper

Digital Forensics

• SIFT Workstation
• GRR (Google Rapid Response)

Network Traffic Analysis

• Moloch
• Zeek (formerly Bro)