Offensive Toolbox

Offensive OS

  • ​Kali Linux - The one, the only. Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.
    • ​pimpmykali - Fixes for new imported Kali Linux virtual machines
    • Penetration Testing: Using Kali Linux - pg. 55
  • ​ParrotOS - Parrot OS, the flagship product of Parrot Security is a GNU/Linux distribution based on Debian and designed with Security and Privacy in mind. It includes a full portable laboratory for all kinds of cyber security operations, from pentesting to digital forensics and reverse engineering, but it also includes everything needed to develop your own software or keep your data secure.
  • ​Commando-VM - Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
  • ​ThreatBox - A handy offensive linux distro that uses a set of Ansible playbooks for automation and deployment.
  • ​Exegol - Exegol is a fully configured docker with many useful additional tools, resources (scripts and binaries for privesc, credential theft etc.) and some configuration (oh-my-zsh, history, aliases, colorized output for some tools). It can be used in pentest engagements, bugbounty, CTF, HackTheBox, OSCP lab & exam and so on.
  • ​AriaCloud - A remote penetration testing Docker container, with a focus on including cloud penetration testing tools for Azure, AWS, and GCP.
  • ​ - Offensive Distrobution based on Arch.

Recon Frameworks

Offensive Frameworks

C2 Frameworks


Tool collections


​Impacket - Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.

Powershell tools


Networking Tools

  • ​0trace - A traceroute tool that can be run within an existing, open TCP connection, therefore bypassing some types of stateful packet filters with ease.
  • ​fping - fping is a ping like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a target host is responding.
  • ​hping3 - hping3 is a network tool able to send custom ICMP/UDP/TCP packets and to display target replies like ping does with ICMP replies.
  • ​Netwox Toolkit - Toolbox netwox helps to find and solve network problems.

Stress Testing (DDOS)

Misc Tools

  • ​Karkinos - Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following:
    • Encoding/Decoding characters
    • Encrypting/Decrypting text or files
    • Reverse shell handling
    • Cracking and generating hashes
  • ​Interlace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
  • ​pyWhat - Command line to to identify...well anything.
  • ​arsenal - Arsenal is just a quick inventory and launcher for hacking programs. Great for filling in the blank.
  • ​WadComs - WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
  • ​scapy - Scapy is a powerful Python-based interactive packet manipulation program and library.
  • ​fragrouter - Fragrouter is a network intrusion detection evasion toolkit.
  • ​python-faraday - Faraday introduces a new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE.
  • ​routersploit - This package contains an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations
  • ​erfs - An easy-to-use, easy-to-setup, hassle-free secure file system with the encrypted data being stored on a remote cloud server without having to trust the server.
  • ​LDAPmonitor - Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
  • ​ - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Utility Commands