# Tools for an Offensive Certification

#### Information Gathering

1\) enum4linux <https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS>

2\) BloodHound <https://github.com/BloodHoundAD/BloodHound>

3\) BloodHound Python <https://github.com/fox-it/BloodHound.py>

**Web Application Payload & Tools**

1\) PayloadsAllTheThings <https://github.com/swisskyrepo/PayloadsAllTheThings>

2\) ysoserial <https://github.com/frohoff/ysoserial>

3\) JSON Web Tokens <https://jwt.io/>

4\) WPScan <https://github.com/wpscanteam/wpscan>

5\) Gobuster <https://github.com/OJ/gobuster>

**Encryption Tools**

1\) CyberChef <https://gchq.github.io/CyberChef/>

**Password Attack**

1\) Hydra <https://github.com/vanhauser-thc/thc-hydra>

2\) Patator <https://github.com/lanjelot/patator>

3\) CrackMapExec <https://github.com/byt3bl33d3r/CrackMapExec>

4\) John <https://github.com/openwall/john>

5\) hashCat <https://hashcat.net/hashcat>

6\) mimikatz <https://github.com/gentilkiwi/mimikatz>

#### Reverse Engineering

1\) Ghidra[	https://github.com/NationalSecurityAgency/ghidra](https://github.com/NationalSecurityAgency/ghidra)

#### Exploitation Tools

1\) Rubeus <https://github.com/GhostPack/Rubeus>

2\) PTH <https://github.com/byt3bl33d3r/pth-toolkit>

3\) WinRM <https://github.com/Hackplayers/evil-winrm>

#### Post Exploitation

1\) LinEnum <https://github.com/rebootuser/LinEnum>

2\) Impacket <https://github.com/SecureAuthCorp/impacket>

3\) Windows Privesc Check <https://github.com/pentestmonkey/windows-privesc-check>

4\) Windows Privilege Escalation <https://github.com/frizb/Windows-Privilege-Escalation>