List of tools in BackTrack

This is a list of software tools comes installed with BackTrack listed according to the menu structure in BackTrack. Some software tools fits into multiple categories thus can be found in multiple sections. The actual distribution comes installed with more software than listed here, like text editors and accessibility improvement software.

DNS Analysis

 * dnsdict6
 * DNSenum - Tool for enumerating DNS information of host/domain.
 * Dnsmap - Passive DNS network mapper.
 * Dnsrecon - Target enumeration software.
 * Dnstracer - Software for finding the original source of DNS information.
 * Dnswalk - DNS Debugger.
 * fierce
 * lbd
 * Maltego - Open source intelligence and forensic software.
 * reverseraider

Identify Live Hosts

 * 0trace
 * alive6
 * arping
 * detect-new-ip6
 * dnmap
 * fping
 * hping2
 * hping3
 * netdiscover
 * netifera
 * Nmap - A tool for network discovery and security auditing.
 * nping
 * pbnj
 * sctpscan
 * svwar
 * trace6
 * traceroute
 * wol-e
 * zenmap

IDS IPS Identification

 * fragroute
 * fragrouter
 * ftester
 * hexinject
 * pytbull
 * sniffjoke

Network Scanners

 * autoscan
 * davtest
 * implementation6
 * implementation6d
 * lanmap2
 * netifera
 * Nmap - A tool for network discovery and security auditing.
 * scapy
 * unicornscan
 * unicornscan-pgsql-setup
 * zenmap

Network Traffic Analysis

 * scapy
 * tcpdump
 * tshark
 * Wireshark - An open source network protocol analyzer.
 * xplico
 * xplico web gui

OS Fingerprinting

 * Nmap - A tool for network discovery and security auditing.
 * p0f
 * sctpscan
 * xprobe2
 * zenmap

OSINT Analysis

 * creepy
 * jigsaw
 * uberharvest

Route Analysis

 * dmitry
 * irpas_suite
 * itrace
 * lanmap2
 * netenum
 * netmask
 * protos
 * scapy
 * traceroute
 * tctrace

Service Fingerprinting

 * amap
 * dmitry
 * httprint
 * httsquash
 * miranda
 * nbtscan
 * ncat
 * Nmap - A tool for network discovery and security auditing.
 * sslscan
 * zenmap

SMB Analysis

 * samrdump
 * smbclient

SMTP Analysis

 * maltego
 * Nmap - A tool for network discovery and security auditing.
 * smtprc
 * smtpscan
 * smtp-user-enum
 * swaks
 * zenmap

SNMP Analysis

 * admsnmp
 * braa
 * onesixtyone
 * snmpcheck
 * snmpenum

SSL Analysis

 * sslcaudit
 * ssldump
 * sslh
 * sslsniff
 * sslstrip
 * sslyze
 * testssl.sh
 * thcsslcheck
 * tlssled

Telephony Analysis

 * dedected
 * iwar
 * svmap
 * warvox

VOIP Analysis

 * ace
 * enumiax
 * iwar
 * sip-scan
 * snmp
 * voiphoney

VPN Analysis

 * fiked
 * ike-scan

CMS Identification

 * BlindElephant - A web application fingerprinting software.
 * cms-explorer
 * dpscan
 * whatweb

IDS IPS Identification

 * us-tester
 * waffit

Open Source Analysis

 * casefile
 * ghdb
 * goofile
 * maltego
 * revhosts
 * revhosts-cli
 * urlcrazy
 * xssed

Web Crawlers

 * apache-users
 * deblaze
 * dirb
 * golismero
 * sqlscan
 * webshag-cli
 * webshag-gui

Database Analysis

 * bbqsql
 * dbpwaudit

MSSQL Analysis

 * sqlbrute
 * sqldict
 * sqllhf
 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.
 * Sqlninja - Tool for automating detection and exploitation of SQL injection flaws in applications which uses Microsoft SQL Server as the back end database

MySQL Analysis

 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.

Oracle Analysis

 * dbpwaudit
 * getsids
 * opwg
 * oquery
 * oscanner
 * osd
 * ose
 * otnsctl
 * sidguesser
 * sqlbrute
 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.
 * tnscmd10g

Bluetooth Analysis

 * bluediving
 * blueranger
 * btscanner
 * hcidump

WLAN Analysis

 * airodump-ng
 * giskismet
 * Kismet - A network detector, packet sniffer, and intrusion detection system software for 802.11 wireless LANs.
 * pcapdump
 * ssidsniff
 * wifitap
 * xgps

Vulnerability Scanners

 * lynis
 * OWASP Mantra Security Framework - A browser specifically designed for penetration testing.
 * OpenVAS - An open framework for vulnerability scanning and management.
 * greenbone

Cisco Tools

 * cisco-auditing-tool
 * cisco-ocs
 * cisco passwd scanner
 * cisco-torch
 * copy-router-config
 * merge-router-config
 * tftp-bruteforce

Network Fuzzers

 * bed
 * fuzz_ip6
 * sfuzz
 * sickfuzz
 * spike

Open Source Assessment

 * mitre-cve
 * osvdb

VOIP Fuzzers

 * ohrwurm
 * protos-sip
 * voip

CMS Vulnerability Identification

 * joomscan
 * plecost

Web Application Fuzzers

 * OWASP DirBuster - A multi threaded Java application for brute-forcing directories and files names on web/application servers
 * dotdotpwn
 * powerfuzzer
 * rfuzz
 * untidy
 * webshag-cli
 * webshag-gui
 * webslayer
 * xssfuzz

Web Application proxies

 * Burp suite - a MiTM proxy for web application penetration testing.
 * OWASP_Zed_Attack_Proxy - A tool for web application penetration testing. It integrates a MiTM proxy, web crawler and a vulnerability scanner.

Web Open Source Assessment

 * goohost
 * gooscan
 * metagoofil
 * mitre-cve
 * osvdb
 * Shodan - A search engine for finding online computers and network devices using a variety of filters.
 * theharvester

Web Vulnerability Scanners

 * asp-auditor
 * Burp suite - a MiTM proxy for web application penetration testing.
 * grabber
 * grendel-scan
 * mopest
 * nikto
 * OWASP Zed Attack Proxy - a MiTM proxy for web application penetration testing.
 * proxystrike
 * Skipfish - Web application security scanner.
 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.
 * uniscan
 * vega
 * w3af - Web application security framework for auditing and exploitation.
 * wapiti
 * watobo
 * webscarab
 * wstool

Database Assessment

 * bbsql
 * dbpwaudit

MSSQL Assessment

 * sqlbrute
 * sqldict
 * sqllhf
 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.
 * Sqlninja - Tool for automating detection and exploitation of SQL injection flaws in applications which uses Microsoft SQL Server as the back end database

MySQL Assessment

 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.

Oracle Assessment

 * dbpwaudit
 * getsids
 * opwg
 * oquery
 * oscanner
 * osd
 * ose
 * otnsctl
 * sidguesser
 * sqlbrute
 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.
 * tnscmd10g

Network Exploitation Tools

 * isr-evilgrade
 * netgear-telnettenable
 * termineter

Cisco Attacks

 * cisco-global-exploiter
 * tftp-bruteforce

Fast-Track

 * fasttrack-cli
 * fasttrack-interactive
 * fasttrack-web

Metasploit Framework

 * armitage
 * msfclie
 * msfconsole
 * msfupdate
 * msfpro

SAP Exploitation

 * sapyto

Web Exploitation Tools

 * asp-auditor
 * darkmysqli
 * fimap
 * htexploit
 * jboss-autopwn
 * oscanner
 * padbuster
 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.
 * Sqlninja - Tool for automating detection and exploitation of SQL injection flaws in applications which uses Microsoft SQL Server as the back end database
 * sqlsus
 * sslstrip
 * w3af - Web application security framework for auditing and exploitation.
 * websecurify
 * websploit
 * xsser

Database Exploitation Tools

 * bbsql
 * dbpwaudit

MSSQL Exploitation Tools

 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.
 * Sqlninja - Tool for automating detection and exploitation of SQL injection flaws in applications which uses Microsoft SQL Server as the back end database

MySQL Exploitation Tools

 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.

Oracle Exploitation Tools

 * dbpwaudit
 * getsids
 * opwg
 * oquery
 * oscanner
 * osd
 * ose
 * otnsctl
 * sidguesser
 * Sqlmap - Tool for automating the process of detecting and exploiting SQL injection flaws.

Bluetooth Exploitation

 * atshell
 * bluediving
 * bluelog
 * bluemaho
 * bluepot
 * bt-audit
 * btftp
 * redfang
 * spooftooph

GSM Exploitation

 * smartphone-pentest-frmework

WLAN Exploitation

 * Aircrack-ng - A software suite for performing wireless network analysis
 * airmon-ng
 * airodump-ng
 * fern-wifi-cracker
 * freeradius-wpe
 * gerix-wifi-cracker-ng
 * horst
 * pcapgetiv
 * pyrit
 * reaver
 * weakivgen
 * wepcrack
 * wifihoney
 * wifite

Social Engineering Tools

 * BeEF - Browser exploitation framework
 * Social Engineering Toolkit

Honeypots

 * honeyd
 * honeydctl
 * spamhole

Physical Exploitation

 * arduino
 * kautilya
 * u3-pwn
 * videojak

Open Source Exploitation

 * Exploit-DB - Exploit database

Online Archives

 * mitre-cve
 * osvdb
 * securityfocus

GPU Tools

 * oclhashcat ATI
 * oclhashcat Nvidia

Offline Attacks

 * osleap
 * chntpw
 * cowpatty
 * creddump
 * crunch
 * cupp
 * dictstat
 * eapmd5pass
 * fcrackzip
 * genkeys
 * genpmk
 * hashcat
 * hashcat-gui
 * hashcat-utils
 * hash-identifier
 * jihnny
 * john the ripper
 * manglefizz
 * maskgen
 * oclhashcat ATI
 * oclhashcat-lie ATI
 * oclhashcat Nvidia
 * oclhashcat-lite Nvidia
 * Ophcrack
 * Ophcrack GUI

Online Attacks

 * acccheck
 * cewl
 * findmyhash
 * hexorbase
 * hydra
 * hydra-gtk
 * keimpx
 * medusa
 * ncrack
 * patator
 * smbexec
 * sqldict
 * sqllhf
 * svcrack
 * wce

Physical Attacks

 * sucrack

Voice and Surveillance

 * videojak

VOIP Tools

 * rtpinject
 * rtpinsertsound
 * rtpmixsound

Network Sniffers

 * darkstat
 * driftnet
 * dsniff
 * easy-creds
 * ettercap
 * ettercap-gtk
 * ettercap-ng
 * fake_router6
 * ferret
 * hamster
 * parasite6
 * redir6
 * scapy
 * subterfuge
 * tcpdump
 * tshark
 * Wireshark - An open source network protocol analyzer.
 * xspy

VOIP Sniffers

 * artemisa
 * ferret
 * rtpbreak
 * voipctl
 * vopipong

Web Sniffers

 * mitmproxy

Network Spoofing

 * dnschef
 * fake_mipv6
 * fake_mld26
 * fake_mld6
 * fake_mldrouter6
 * fake-router6
 * fiked
 * fuzz_advertise6
 * hexinject
 * intercepter-ng
 * redir6
 * thcping6
 * toobig6
 * yersinia

VOIP Spoofing

 * sipsak
 * voiphopper

OS Back-doors

 * cymothoa
 * dbd
 * hotpatch
 * intersect
 * msfencode
 * msfpayload
 * powersploit
 * sbd
 * trixd00r
 * u3-pwn
 * unix-privesc-check

Tunneling

 * 3proxy
 * cryptcat
 * dns2tcp
 * iodine
 * miredo
 * ping tunnel
 * proxy chains
 * proxytunnel
 * pwnat
 * socat
 * sslh
 * stunnel4
 * tinyproxy
 * udptunnel

Web Back-doors

 * msfencode
 * msfpayload
 * webshells
 * weevely

Reverse Engineering

 * android-sdk
 * apktool
 * binwalk
 * ded
 * dex2jar
 * edb-debugger
 * flasm
 * gdb.py
 * IDA pro
 * jad
 * javasnoop
 * mercury
 * ollydbg
 * rec-studio
 * smali
 * strace.py

RFID ACG

 * brute force hitag2
 * bruteforce mifare
 * calculate jcop mifare keys
 * continuous select tag
 * copy iso15693 tag
 * epassport read write clone
 * format mifare 1k value blocks
 * identify hf tag type
 * identify lf tag type
 * jcop info
 * jcop milfare read write
 * jcop set atr historical bytes
 * read acg reader eeprom
 * read lf tag
 * read mifare
 * read tag
 * read write clone unique
 * reset q5 tag
 * select tag
 * set fdx-b id
 * test acg lahf

RFID Frosch

 * read write clone unique
 * reset hitag2 tag
 * set fd-b id
 * test frosch reader

Network Stress Testing

 * denial6
 * dhcpig
 * dos-new-ip6
 * flood_advertise6
 * flood_router6
 * hping2
 * hping3
 * inundator
 * letdown
 * rsmurf6
 * sendpees6
 * siege
 * smurf6
 * t50
 * thc-ssl-dos
 * udp.pl

VOIP Stress Testing

 * iaxflood
 * inviteflood
 * rtpflood
 * sipp

WLAN Stess Testing

 * mdk3

Anti-Virus Forensic Tools

 * chrootkit
 * rkhunter

Digital Anti Forensics

 * truecrypt

Digital Forensics

 * hexedit
 * iphoneanalyzer
 * rifiuti2

Forensic Analysis Tools

 * bulk-extractor
 * evtparse.pl
 * exiftool
 * missidentify
 * mork.pl
 * pref.pl
 * ptk
 * readpst
 * reglookup
 * stegdetect
 * vinetto

Forensic Carving tools

 * extundelete
 * fatback
 * foremost
 * magicrescue
 * recoverjpeg
 * safecopy
 * scalpel
 * scrounge-ntfs
 * testdisk

Forensic Hashing Tools

 * hashdeep
 * md5deep
 * sha1deep
 * sha256deep
 * tigerdeep
 * whirlpooldeep

Forensic Imaging Tools

 * air
 * dc3dd
 * ddrescue
 * ewfacquire

Forensic Suites

 * dff cli
 * dff ui
 * ptk
 * autopsy
 * sleuthkit

Network Forensics

 * darkstat
 * driftnet
 * p0f
 * tcpflow
 * tcpreplay
 * Wireshark - An open source network protocol analyzer.
 * xplico
 * xplico web gui

Password Forensic Tools

 * cmospwd
 * fcrackzip
 * samdump

PDF Forensic Tools

 * pdfid
 * pdf-parser
 * peepdf

RAM Forensic Tools

 * pdfbook
 * pdgmail
 * ptk
 * volafox
 * volatility

Evidence Management

 * casefile
 * keepnote
 * magictree
 * maltego
 * svreport

Media Capture

 * cutycapt
 * recordmydesktop

Services

 * GPSD
 * HTTPD
 * MySQLD
 * PCSCD
 * Snort Service
 * SSHD

Miscellaneous

 * keepnote
 * msfpro

Miscellaneous Clients

 * arduino
 * ewizard
 * kautilya

Miscellaneous Network

 * genlist
 * scapy
 * ipcalc
 * macchanger
 * multimac
 * sakis3g

Miscellaneous Web

 * pwntcha
 * wfuzz