Security Testing Tools

Standard Security Testing Tools Employed By Gotham Security

Name | Description | Associated Security Assessments

Set of tools for auditing wireless networks.

Wifi Pentesting
AlienVault OTX

Open Threat Intelligence Community

Recon & OSINT, External Network Pentesting

Network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques, maintained by OWASP.

Recon & OSINT, External Network Pentesting

Python3 port of the abandoned API fuzzing tool Astra

API Pentesting

BurpSuite plugin to test authorization controls without having to manually send requests to repeater and copy/paste different user tokens and replay them; it automates this process for you.

Web App Pentesting, API Pentesting, Mobile App Pentesting


Internal Network Pentesting, External Network Pentesting, Web App Pentesting

Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.

Mobile App Pentesting, Static Code Analysis, Other

Graphical Active Directory trust relationship explorer.

Internal Network Pentesting

Static analysis security vulnerability scanner for Ruby on Rails applications.

Mobile App Pentesting, Static Code Analysis, Dynamic Code Analysis

Technology lookup tool for websites.

Recon & OSINT, Social Engineering
Burp Suite

Intercepting proxy that can be used to modify HTTP requests/responses

Web App Pentesting, API Pentesting, Mobile App Pentesting, Code Tampering

Generates custom wordlists by spidering a target's website and collecting unique words.

External Network Pentesting, Internal Network Pentesting, Recon & OSINT
Cheat Engine

Memory debugger and hex editor for running applications.

Runtime Tampering

Cloudimized is a Google Cloud Platform (GCP) configuration scanning tool. It allows monitoring changes of selected resources.

Cloud Pentesting, Cloud Risk Analysis

CloudSploit by Aqua is an open-source project designed to allow detection of security risks in cloud infrastructure accounts, including: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), and GitHub.

Cloud Pentesting, Cloud Risk Analysis
Coda Intelligence

Vulnerability Management Solution Operating under the NIST Cybersecurity Framework

External Network Pentesting, Internal Network Pentesting, Purple Teaming
Codebeat (open source)

Open source implementation of commercial static code analysis tool with GitHub integration.

Static Code Analysis

Multithreaded program to crack PKCS#12 files (.p12 and .pfx extensions), such as TLS/SSL certificates.

Wifi Pentesting
Criminal IP

Web-based OSINT information platform

Recon & OSINT, External Network Pentesting
CTF - Reverse Shell Generator

Hosted Reverse Shell generator with a ton of functionality -- (great for CTFs)

Internal Network Pentesting, External Network Pentesting, Web App Pentesting

Highly configurable DNS proxy for pentesters.

External Network Pentesting, Web App Pentesting

Tool to reverse engineer .NET assemblies.

Runtime Tampering, Code Tampering

Backup to DNS zone transfer. Can be used for more than just DNS zone transfer testing.

Recon & OSINT, External Network Pentesting

Open source phishing domain scanner to identify potentially malicious typosquatted domains.

Recon & OSINT, Social Engineering, External Network Pentesting

Python script for executing Google dorks

Recon & OSINT, External Network Pentesting

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows bypassing 2-factor authentication protection.

Social Engineering

This is a very interesting tool. PyGo Phish seems to be, more or less, an email sending tool that is wrapped in the idea of phishing. Create the links with GoPhish and still host with GoPhish, but send with Fierce Phish.

Social Engineering

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

Cloud Risk Analysis, Cloud Pentesting

Open source phishing toolkit

Social Engineering

OSINT platform to search for Cloud assets

Social Engineering

Fast hash cracking utility with support for most known hashes as well as OpenCL and CUDA acceleration.

Internal Network Pentesting, External Network Pentesting, Wifi Pentesting

Lazy man's Windows privilege escalation tool utilizing PowerSploit.

Internal Network Pentesting

Browser-based hex editing.

Reverse Engineering, Code Tampering, Runtime Tampering, Static Code Analysis, Dynamic Code Analysis
Hybrid Analysis

Online malware scanner.

Traditional Risk Analysis

Command line tool to exploit the Windows IIS tilde information disclosure vulnerability.

External Network Pentesting, Internal Network Pentesting, Web App Pentesting

Collection of Python classes for working with network protocols.

Internal Network Pentesting
John the Ripper

Fast password cracker.

External Network Pentesting, Internal Network Pentesting
JWT Cracker

Simple HS256 JWT token brute force cracker.

Web App Pentesting, API Pentesting, Dynamic Code Analysis, Mobile App Pentesting

A toolkit for validating, forging, scanning and tampering JWTs (JSON Web Tokens).

Web App Pentesting

Active directory domain information dumper

Internal Network Pentesting

Linux command line utility for querying LDAP servers.

Internal Network Pentesting

Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.

Internal Network Pentesting, External Network Pentesting

Linux enumeration tool for privilege escalation.

Internal Network Pentesting

OSINT Tool: Generate username lists from companies on LinkedIn.

Recon & OSINT, Social Engineering

A series of scripts for Linux privilege escalation.

Internal Network Pentesting

Security auditing tool for Linux and macOS.

Internal Network Pentesting
Linux Exploit Suggester

Heuristic reporting on potentially viable exploits for a given GNU/Linux system.

Internal Network Pentesting

VMWare vCenter Log4Shell exploitation tool.

External Network Pentesting, Internal Network Pentesting, Web App Pentesting

This shell script scans a vulnerable web application that is using a version of apache-log4j < 2.15.0. This application is a static implementation, which means it does not perform domain, sub-domain, or webpage discovery.

External Network Pentesting, Internal Network Pentesting, Web App Pentesting

Commercial phishing and smishing platform

Social Engineering

Proprietary software for open source intelligence and forensics, from Paterva.

Recon & OSINT
Mass Scan

TCP port scanner, spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes.

External Network Pentesting, Internal Network Pentesting

Graphical tool for custom wordlist generation

Internal Network Pentesting, External Network Pentesting

Software for offensive security teams to help verify vulnerabilities and manage security assessments.

Internal Network Pentesting, External Network Pentesting, Web App Pentesting, API Pentesting

Credentials extraction tool for Windows operating system.

Internal Network Pentesting

Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Web App Pentesting, API Pentesting, Cloud Pentesting, Dynamic Code Analysis, Mobile App Pentesting

Flexible reverse proxy tool for phishing engagements.

Social Engineering

Email domain and DNS lookup.

Recon & OSINT, External Network Pentesting

TCP/IP command line utility supporting multiple protocols, included with Nmap.

Internal Network Pentesting, External Network Pentesting

Commercial vulnerability assessment tool, sold by Tenable.

External Network Pentesting, Internal Network Pentesting, Web App Pentesting, Cloud Risk Analysis, Cloud Pentesting

Simple and quick network scanning tool.

Internal Network Pentesting

Swiss army knife for network sniffing.

Internal Network Pentesting
Netsparker Web Application Security Scanner

Commercial web application security scanner to automatically find many different types of security flaws.

Internal Network Pentesting, Web App Pentesting
Network Detective

White Box tool used for network analysis, enumeration of users, permission, shares, and assets, sold by Rapidfiretools.

Purple Teaming, Traditional Risk Analysis, Other

Website offering an interface to numerous basic network utilities like ping, traceroute, whois, and more.

External Network Pentesting, Internal Network Pentesting

Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.

Internal Network Pentesting, External Network Pentesting

Noisy but fast black box web server and web application vulnerability scanner.

Web App Pentesting, Internal Network Pentesting, External Network Pentesting

Free security scanner for network exploration & security audits.

Recon & OSINT, External Network Pentesting, Internal Network Pentesting, Purple Teaming

Phishing toolkit that provides a Docker and noVNC based infrastructure.

Social Engineering

Both an HTML VNC client JavaScript library and an application built on top of that library.

Social Engineering

Open source implementation of the popular Nessus vulnerability assessment system.

Internal Network Pentesting, External Network Pentesting
OWASP Dependency Check

Open source static analysis tool that enumerates dependencies used by Java and .NET software code (with experimental support for Python, Ruby, Node.js, C, and C++) and lists security vulnerabilities associated with the dependencies.

Static Code Analysis
OWASP Zed Attack Proxy (ZAP)

Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.

Web App Pentesting

AWS exploitation framework.

Cloud Pentesting, Cloud Risk Analysis, Purple Teaming

Python Exploit Development Assistance for GDB.

Code Tampering, Runtime Tampering, Reverse Engineering

Web based platform for several open source reconnaissance and exploitation tools.

Recon & OSINT, External Network Pentesting

Provides fixes for newly imported Kali Linux virtual machines, including impacket.

Internal Network Pentesting

Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.

Code Tampering, Reverse Engineering

API development tool which helps to build, test and modify APIs.

Web App Pentesting, API Pentesting

PowerShell Post-Exploitation Framework.

Internal Network Pentesting
Principal Mapper

Open source AWS IAM vulnerability analysis tool.

Cloud Pentesting, API Pentesting, Web App Pentesting, Mobile App Pentesting
Printer Exploitation Toolkit (PRET)

Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.

Internal Network Pentesting

Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness.

Cloud Pentesting, Cloud Risk Analysis, Purple Teaming

Python 3 script for interacting with Shodan API. Has three modes of operation: making an API query for a search term, a single IP address, or for a list of IP addresses in a .txt file.

Recon & OSINT, External Network Pentesting

Open source, cross-platform reverse engineering framework.

Code Tampering, Reverse Engineering, Runtime Tampering

Full-featured Web Reconnaissance framework written in Python.

Recon & OSINT

Open source NBT-NS, LLMNR, and MDNS poisoner.

Internal Network Pentesting

Windows version of the above NBT-NS/LLMNR/MDNS poisoner.

Internal Network Pentesting
Reverse Shell Generator

Web based tool to generate reverse shells

Web App Pentesting, Internal Network Pentesting, External Network Pentesting

A tool to find open S3 buckets and dump their contents

External Network Pentesting, Cloud Pentesting, Cloud Risk Analysis
Scout Suite

Open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments.

Cloud Risk Analysis, Cloud Pentesting, Purple Teaming
Secret Scanner

Searches for common keys and secrets in a stupidly simple way.

Web App Pentesting, API Pentesting, Static Code Analysis, Mobile App Pentesting, Cloud Pentesting, Cloud Risk Analysis

Static code analysis tool for shell script.

Static Code Analysis

Database containing information on all accessible domains on the internet obtained from passive scanning.

Recon & OSINT, External Network Pentesting

Handy SMB enumeration tool.

Internal Network Pentesting

Sniper that can be used in VPENBOX07. Roughly the same tool as what is used in PT Tools

External Network Pentesting

Security-focused static analysis for the Phoenix Framework.

Static Code Analysis

Automated SQL injection and database takeover tool.

Web App Pentesting, API Pentesting, External Network Pentesting
SSL Server Test (Qualys)

Performs analysis of the configuration of any SSL web server on the public Internet.

Web App Pentesting

Quick command line tool for checking TLS/SSL configuration.

External Network Pentesting, Internal Network Pentesting, Web App Pentesting

Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations.

External Network Pentesting, Internal Network Pentesting, Web App Pentesting

Automatic server-side template injection and Web server takeover tool.

Web App Pentesting

OSINT tool for individual research.

Recon & OSINT, Social Engineering, Static Code Analysis

Git repo scanner.

Static Code Analysis
Turbo Intruder

Burp extension for sending intruder requests at high speeds, mainly for race condition exploitation situations

Web App Pentesting, API Pentesting, Dynamic Code Analysis, Mobile App Pentesting
Virus Total

Free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.

External Network Pentesting, Recon & OSINT

Open source static code analysis tool with support for Java, C, C++, C#, PL/SQL, VB, and PHP. VisualCodeGrepper also conforms to OWASP best practices.

Static Code Analysis

Identifies and fingerprints Web Application Firewall (WAF) products.

External Network Pentesting, Web App Pentesting

Windows Driver Kit and WinDbg.

Reverse Engineering, Runtime Tampering, Code Tampering, Other

Fake access point attacks.

Wifi Pentesting

Automated wireless attack tool.

Wifi Pentesting

A series of scripts for Windows privilege escalation.

Internal Network Pentesting

Widely-used graphical, cross-platform network protocol analyzer.

Internal Network Pentesting, Traditional Risk Analysis

Black box WordPress vulnerability scanner.

External Network Pentesting, Recon & OSINT

Exploit WordPress-powered websites with Metasploit.

External Network Pentesting

Packet and protocol analyzer with MITM capability.

Internal Network Pentesting

Who We Are


Initially founded in 2013 in the heart of New York City, Gotham Security is an Abacus Group company that focuses on providing boutique cybersecurity services. Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services to organizations all across the world, including many Fortune 1000 companies.

© 2023 Gotham Security