Notes by Peter Galonza (Пётр Галонза)

Penetration Testing Tools and Methodology

Tools

  • Nmap – Network mapper for host discovery, port scanning, version detection, and OS fingerprinting. Essential for initial reconnaissance.
  • Kali Linux (Image) – Debian‑based distribution pre‑loaded with hundreds of security tools for penetration testing, forensics, and reverse engineering.
  • Parrot Linux (Image) – Security‑oriented distribution similar to Kali, with additional privacy and anonymity features.
  • Burp Suite – Integrated platform for web application testing, combining vulnerability scanning, an intercepting proxy, and manual testing tools.
  • ZAProxy – Open‑source web application security scanner (OWASP ZAP) for automated vulnerability discovery and manual exploration.
  • mitmproxy – Interactive TLS‑capable intercepting HTTP proxy for debugging, testing, and security assessments.
  • apk-mitm – Tool for preparing Android APK files for HTTPS inspection by bypassing certificate pinning.
  • Ghidra – Software reverse engineering framework developed by the NSA, supporting disassembly, decompilation, and scripting.
  • binwalk – Firmware analysis tool for extracting embedded files and executable code from binary images.