Skip to main content


This is a list of some of the tools we use during our hacking stages, delivering the power of automation with expert human interaction to provide the most accurate benefits for our customers.

  • Burp Suite Professional: Toolkit to automate, find and assist web vulnerability discovery and exploitation
  • sqlmap: Automatic SQL injection and database takeover tool
  • Frida: Dynamic instrumentation toolkit to intercept and debug software that is closed-source or locked down
  • APKLab: Set of scripts and tools to perform Reverse Engineering on Android applications
  • mimikatz: Windows x32/x64 program to extract passwords, hash, PINs, and Kerberos tickets from memory
  • Rubeus: Toolset for raw Kerberos interaction and abuses
  • Metasploit: Framework to help launching and developing exploits and offensive tasks
  • Ghidra: Software Reverse Engineering (SRE) suite of tools developed by NSA's Research Directorate
  • John the Ripper: Password recovery tool
  • hashcat: Fast, efficient and versatile hacking tool that assists offline brute-force attacks
  • Wireshark: Network protocol analyzer
  • Aircrack-ng: Suite of tools to assess WiFi network security
  • ngrok: Cross-platform application that exposes local server ports to the Internet
  • ffuf: Fast web fuzzer
  • BeEF: The Browser Exploitation Framework, a penetration testing tool that focuses on the web browser
  • Covenant: .NET command and control framework
  • Nmap: Utility for network discovery and security auditing
  • OpenVAS: Full-featured vulnerability scanner
  • Vega: Web security scanner and web security testing platform that helps validate SQLi, XSS, etc.
  • x64dbg: Open-source x64/x32 debugger for Windows
  • WinDbg: Windows default debugger that we use for kernel debugging