Top Tools not Included with Kali

Which tools/wordlists have people found to be most useful for HTB that aren’t included with Kali by default? A few spring to my mind:

  • Impacket’s example scripts, such as samrdump.py
  • Evil-WinRM
  • Enumeration scripts, LinEnum.sh, PowerUp.ps1, etc
  • SecLists

NoSQLMap - GitHub - codingo/NoSQLMap: Automated NoSQL database enumeration and web application exploitation tool.
wfuzz - GitHub - xmendez/wfuzz: Web application fuzzer
CrackMapExec - GitHub - Porchetta-Industries/CrackMapExec: A swiss army knife for pentesting networks
aclpwn.py - GitHub - fox-it/aclpwn.py: Active Directory ACL exploitation with BloodHound
If you’re into stego challenges, the tools from 0xRick’s steganography tools list - Steganography - A list of useful tools and resources - 0xRick’s Blog

winPeas.exe, bloodhound-python.py

@TestUserx said:
NoSQLMap - GitHub - codingo/NoSQLMap: Automated NoSQL database enumeration and web application exploitation tool.
wfuzz - GitHub - xmendez/wfuzz: Web application fuzzer
CrackMapExec - GitHub - byt3bl33d3r/CrackMapExec: A swiss army knife for pentesting networks
aclpwn.py - GitHub - fox-it/aclpwn.py: Active Directory ACL exploitation with BloodHound
If you’re into stego challenges, the tools from 0xRick’s steganography tools list - Steganography - A list of useful tools and resources - 0xRick’s Blog

Ah yeah forgot about crackmapexec, +1

Cutter for reversing (same as IDA or OllyDBG) is released by radare2

Keep ’em coming, never heard of some of these tools before. Good find!

This would be a good idea for a YouTube Presenter, a short clip on the tool, use and demonstration.

@JadeWolf said:

This would be a good idea for a YouTube Presenter, a short clip on the tool, use and demonstration.

never mind… but I f***ing hate those YouTube videos… if I ever watch these - I constantly press fast forward… what could be said in a one-liner or one short sentence is stretched to endless minutes of pain… :slight_smile:

about the tools: definitely impacket and evil-winrm… and cqtools…

Blatant self advertisement, but ffuf:

It’s been approved for addition to Kali though, so should be available in the future. On the other hand, installation of tools written with Go is very fast.

@joohoi said:

Blatant self advertisement, but ffuf:

GitHub - ffuf/ffuf: Fast web fuzzer written in Go

It’s been approved for addition to Kali though, so should be available in the future. On the other hand, installation of tools written with Go is very fast.

Nice one

@KullPid said:
Cutter for reversing (same as IDA or OllyDBG) is released by radare2

If we’re talking RE, Frida is a glaring omission just generally, never mind for HTB. I also found this for SMB enumeration and found it much nicer to use than enum4linux: GitHub - m8sec/nullinux: Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

@joohoi said:

Blatant self advertisement, but ffuf:

GitHub - ffuf/ffuf: Fast web fuzzer written in Go

It’s been approved for addition to Kali though, so should be available in the future. On the other hand, installation of tools written with Go is very fast.

I’ve used it and it’s awesome.

This is such an awesome thread! Thanks guys! :smiley:

I use Autorecon for my initial scans now (GitHub - Tib3rius/AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.) and dirsearch for web discovery bruteforcing (GitHub - maurosoria/dirsearch: Web path scanner).

I made a list of all my non-Kali pentest tools, have a look here:

It’s more than 600 tools atm; I’m myself only searching there with Ctrl+F :wink:

Very nice idea and helpful posts … thanks

@brueh said:

@JadeWolf said:

This would be a good idea for a YouTube Presenter, a short clip on the tool, use and demonstration.

never mind… but I f***ing hate those YouTube videos… if I ever watch these - I constantly press fast forward… what could be said in a one-liner or one short sentence is stretched to endless minutes of pain… :slight_smile:

about the tools: definitely impacket and evil-winrm… and cqtools…

Absolutely agree with the presentation part, those types of videos make me fall asleep, also never heard of Cqtools, looks really cool! Thank you!

There used to be a time when people made videos for sharing information. I am more of an audio/visual learner; I can sit and read a document and not remember a thing about it or get bored.

Anyways, some may find this useful - 100 Best Hacking Tools for Security Professionals in 2020