Are We Hackers Yet?
Tracking the availability of Kali Linux packages in NixOS
- Packages in green are available in Nixpkgs unstable
- Packages in red have been looked for and appear to be unpackaged
- Packages in yellow may have been packaged previously and appear to be broken or removed (deprecated or security risks, e.g. python2, etc.)
- Packages in blue haven't been checked yet
- Packages in gray are not applicable to Nix (Windows binaries, various firmware, etc.)
Contribute to the tracker at github.com/pyrox0/arewehackersyet. Also check fabaff.github.io/nix-security-box/, which contains other security-related tools, some of which are not in this tracker.
Contribute to the NixOS packaging efforts at nixpkgs#81418.
Last updated: 2024-11-16 13:45:23 -0500
802-11
Kali Package | Description | Nix derivation |
---|---|---|
aircrack-ng | wireless WEP/WPA cracking utilities | aircrack-ng-1.7 |
airgeddon | multi-use bash script for Linux systems to audit wireless networks | airgeddon-11.11 |
asleap | A tool for exploiting Cisco LEAP networks | asleap-unstable-2021-06-20 |
bully | Implementation of the WPS brute force attack, written in C | bully-1.4-00 |
cowpatty | Brute-force WPA dictionary attack | cowpatty-4.8 |
eapmd5pass | Tool for extracting and cracking EAP-MD5 | cantfind |
fern-wifi-cracker | Automated Wi-Fi cracker | cantfind |
freeradius-wpe | FreeRadius Wireless Pawn Edition | cantfind |
hashcat | World's fastest and most advanced password recovery utility | hashcat-6.2.6 |
hostapd-wpe | Modified hostapd to facilitate AP impersonation attacks | cantfind |
iw | tool for configuring Linux wireless devices | iw-6.9 |
kismet | wireless network and device detector (metapackage) | kismet-2023-07-R1 |
macchanger | utility for manipulating the MAC address of network interfaces | macchanger-1.7.0 |
mdk3 | Wireless attack tool for IEEE 802.11 networks | mdk3-master-6-unstable-2015-05-24 |
mdk4 | Wireless attack tool for IEEE 802.11 networks | mdk4-unstable-2021-04-27 |
pixiewps | Offline WPS bruteforce tool | pixiewps-1.4.2 |
reaver | brute force attack tool against Wi-Fi Protected Setup PIN number | reaver-wps-1.4 |
wifi-honey | Wi-Fi honeypot | cantfind |
wifite | Python script to automate wireless auditing using aircrack-ng tools | wifite2-2.7.0 |
base
Kali Package | Description | Nix derivation |
---|---|---|
cifs-utils | Common Internet File System utilities | cifs-utils-7.1 |
ftp | dummy transitional package for tnftp | netkit-tftp-0.17 |
iw | tool for configuring Linux wireless devices | iw-6.9 |
lvm2 | Linux Logical Volume Manager | lvm2-2.03.27 |
mlocate | | mlocate-0.26 |
netcat-traditional | TCP/IP swiss army knife | netcat-openbsd-1.219-1 |
nfs-common | NFS support files common to client and server | nfs-utils-2.7.1 |
openssh-server | secure shell (SSH) server, for secure access from remote machines | openssh-9.9p1 |
openvpn | virtual private network daemon | openvpn-2.6.12 |
p7zip-full | transitional package | p7zip-17.05 |
parted | disk partition manipulator | parted-3.6 |
rfkill | tool for enabling and disabling wireless devices | util-linux-2.39.4 |
samba | SMB/CIFS file, print, and login server for Unix | samba-4.20.4 |
snmp | SNMP (Simple Network Management Protocol) applications | net-snmp-5.9.4 |
sudo | Provide limited super user privileges to specific users | sudo-1.9.16 |
tcpdump | command-line network traffic analyzer | tcpdump-4.99.5 |
testdisk | Partition scanner and disk recovery tool, and PhotoRec file recovery tool | testdisk-7.1 |
tftp | | netkit-tftp-0.17 |
tmux | terminal multiplexer | tmux-3.5a |
unrar | | unrar-7.0.9 |
vim | Vi IMproved - enhanced vi editor | vim-9.1.0787 |
whois | intelligent WHOIS client | whois-5.5.23 |
bluetooth
Kali Package | Description | Nix derivation |
---|---|---|
blue-hydra | Bluetooth device discovery service | cantfind |
bluelog | Bluetooth scanner and logger | cantfind |
blueranger | Simple Bash script to locate Bluetooth devices | cantfind |
bluesnarfer | A Bluesnarfing Utility | bluesnarfer-0.1 |
bluez | Bluetooth tools and daemons | bluez-5.78 |
bluez-hcidump | Analyses Bluetooth HCI packets | cantfind |
btscanner | ncurses-based scanner for Bluetooth devices | cantfind |
crackle | Crack and decrypt BLE encryption | crackle-unstable-2020-12-13 |
redfang | Locates non-discoverable bluetooth devices | redfang-2.5 |
spooftooph | Automates spoofing or cloning Bluetooth devices | spooftooph-0.5.2 |
ubertooth | 2.4 GHz wireless development platform for Bluetooth experimentation | ubertooth-2020-12-R1 |
crypto-stego
Kali Package | Description | Nix derivation |
---|---|---|
aesfix | tool for correcting bit errors in an AES key schedule | aesfix-1.0.1 |
aeskeyfind | tool for locating AES keys in a captured memory image | aeskeyfind-1.0 |
ccrypt | secure encryption and decryption of files and streams | ccrypt-1.11 |
outguess | universal steganographic tool | outguess-0.4 |
steghide | steganography hiding tool | steghide-0.5.1.1 |
stegsnow | steganography using ASCII files | cantfind |
database
Kali Package | Description | Nix derivation |
---|---|---|
jsql-injection | Java tool for automatic database injection | cantfind |
mdbtools | JET / MS Access database (MDB) tools | mdbtools-1.0.0 |
oscanner | Oracle assessment framework | cantfind |
sidguesser | Guesses sids against an Oracle database | cantfind |
sqldict | Dictionary attack tool for SQL Server | cantfind |
sqlitebrowser | GUI editor for SQLite databases | sqlitebrowser-3.13.1 |
sqlmap | automatic SQL injection tool | python3.12-sqlmap-1.8.9 |
sqlninja | SQL server injection and takeover tool | cantfind |
sqlsus | MySQL injection tool | cantfind |
tnscmd10g | Tool to prod the oracle tnslsnr process | cantfind |
detect
Kali Package | Description | Nix derivation |
---|---|---|
grokevt | scripts for reading Microsoft Windows event log files | cantfind |
sentrypeer | SIP peer to peer honeypot for VoIP | cantfind |
exploitation
Kali Package | Description | Nix derivation |
---|---|---|
armitage | Cyber attack management for Metasploit | armitage-unstable-2022-12-05 |
beef-xss | Browser Exploitation Framework (BeEF) | cantfind |
exploitdb | Searchable Exploit Database archive | exploitdb-2024-10-02 |
metasploit-framework | Framework for exploit development and vulnerability research | metasploit-framework-6.4.36 |
msfpc | MSFvenom Payload Creator (MSFPC) | msfpc-1.4.5 |
set | Social-Engineer Toolkit | cantfind |
shellnoob | Shellcode writing toolkit | shellnoob-unstable-2022-03-16 |
sqlmap | automatic SQL injection tool | python3.12-sqlmap-1.8.9 |
termineter | Smart meter testing framework | termineter-1.0.6 |
forensics
Kali Package | Description | Nix derivation |
---|---|---|
7zip | 7-Zip file archiver with a high compression ratio | p7zip-17.05 |
afflib-tools | Advanced Forensics Format Library (utilities) | afflib-3.7.20 |
apktool | tool for reverse engineering Android apk files | apktool-2.10.0 |
autopsy | graphical interface to SleuthKit | autopsy-4.21.0 |
binwalk | tool library for analyzing binary blobs and executable code | python3.12-binwalk-full-2.4.3 |
bulk-extractor | | bulk_extractor-2.1.1 |
bytecode-viewer | Java 8+ Jar & Android APK Reverse Engineering Suite | bytecode-viewer-2.12 |
cabextract | Microsoft Cabinet file unpacker | cabextract-1.11 |
chkrootkit | rootkit detector | chkrootkit-0.58b |
creddump7 | Python tool to extract credentials and secrets from Windows registry hives | cantfind |
dc3dd | patched version of GNU dd with forensic features | dc3dd-7.3.1 |
dcfldd | enhanced version of dd for forensics and security | dcfldd-1.3.4-1 |
ddrescue | data recovery and protection tool | ddrescue-1.28 |
dumpzilla | Mozilla browser forensic tool | cantfind |
edb-debugger | cross platform x86/x86-64 debugger | cantfind |
ewf-tools | collection of tools for reading and writing EWF files | libewf-20231119 |
exifprobe | read metadata from digital pictures | exifprobe-unstable-2018-06-19 |
exiv2 | EXIF/IPTC/XMP metadata manipulation tool | exiv2-0.28.3 |
ext3grep | tool to help recover deleted files on ext3 filesystems | ext3grep-0.10.2 |
ext4magic | recover deleted files from ext3 or ext4 partitions | ext4magic-0.3.2 |
extundelete | utility to recover deleted files from ext3/ext4 partition | extundelete-0.2.4 |
fcrackzip | password cracker for zip archives | fcrackzip-1.0 |
firmware-mod-kit | Deconstruct and reconstruct firmware images | cantfind |
foremost | forensic program to recover lost files | foremost-1.5.7 |
forensic-artifacts | knowledge base of forensic artifacts (data files) | cantfind |
forensics-colorize | show differences between files using color graphics | cantfind |
galleta | Internet Explorer cookie forensic analysis tool | galleta-20040505_1 |
gdb | GNU Debugger | gdb-15.2 |
gpart | Guess PC disk partition table, find lost partitions | gpart-0.3 |
gparted | GNOME partition editor | gparted-1.6.0 |
grokevt | scripts for reading Microsoft Windows event log files | cantfind |
guymager | Forensic imaging tool based on Qt | guymager-0.8.13 |
hashdeep | recursively compute hashsums or piecewise hashings | hashdeep-4.4 |
inetsim | Software suite for simulating common internet services | cantfind |
jadx | Dex to Java decompiler | jadx-1.5.0 |
javasnoop | Intercept Java applications locally | cantfind |
libhivex-bin | utilities for reading and writing Windows Registry hives | hivex-1.3.24 |
libsmali-java | assembler/disassembler for Android's dex format | cantfind |
lvm2 | Linux Logical Volume Manager | lvm2-2.03.27 |
lynis | security auditing tool for Unix based systems | lynis-3.1.2 |
mac-robber | collects data about allocated files in mounted filesystems | mac-robber-1.02 |
magicrescue | recover files by looking for magic bytes | magicrescue-1.1.10-unstable-2021-09-12 |
md5deep | | hashdeep-4.4 |
mdbtools | JET / MS Access database (MDB) tools | mdbtools-1.0.0 |
memdump | utility to dump memory contents to standard output | cantfind |
metacam | extract EXIF information from digital camera files | cantfind |
missidentify | find win32 applications | missidentify-1.0 |
myrescue | rescue data from damaged disks | myrescue-0.9.8 |
nasm | General-purpose x86 assembler | nasm-2.16.03 |
nasty | tool which helps you to recover your GPG passphrase | nasty-0.6 |
ollydbg | 32-bit assembler level analysing debugger | not-applicable |
parted | disk partition manipulator | parted-3.6 |
pasco | Internet Explorer cache forensic analysis tool | pasco-20040505_1 |
pdf-parser | Parses PDF files to identify fundamental elements | pdf-parser-0.7.9 |
pdfid | Scans PDF files for certain PDF keywords | pdfid-0.2.8 |
plaso | super timeline all the things -- metapackage | cantfind |
polenum | Extracts the password policy from a Windows system | polenum-1.6.1-unstable-2024-07-30 |
pst-utils | tools for reading Microsoft Outlook PST files | libpst-0.6.76 |
python3-capstone | lightweight multi-architecture disassembly framework - Python bindings | python3.12-capstone-5.0.3 |
python3-dfdatetime | Digital Forensics date and time library for Python 3 | cantfind |
python3-dfvfs | Digital Forensics Virtual File System | cantfind |
python3-dfwinreg | Digital Forensics Windows Registry library for Python 3 | cantfind |
python3-distorm3 | powerful disassembler library for x86/AMD64 binary streams (Python3 bindings) | python3.12-distorm3-3.5.2 |
radare2 | free and advanced command line hexadecimal editor | radare2-5.9.6 |
readpe | command-line tools to manipulate Windows PE files | cantfind |
recoverdm | recover files on disks with damaged sectors | recoverdm-0.20-8 |
recoverjpeg | recover JFIF (JPEG) pictures and MOV movies | recoverjpeg-2.6.3 |
reglookup | utility to analysis for Windows NT-based registry | cantfind |
regripper | perform forensic analysis of registry hives | regripper-0-unstable-2024-11-02 |
rephrase | Specialized passphrase recovery tool for GnuPG | cantfind |
rifiuti | MS Windows recycle bin analysis tool | rifiuti-20040505_1 |
rifiuti2 | replacement for rifiuti, a MS Windows recycle bin analysis tool | cantfind |
rizin-cutter | reverse engineering platform powered by rizin | cutter-2.3.4 |
rkhunter | rootkit, backdoor, sniffer and exploit scanner | cantfind |
rsakeyfind | locates BER-encoded RSA private keys in memory images | cantfind |
rz-ghidra | ghidra decompiler and sleigh disassembler for rizin | rz-ghidra-0.7.0 |
safecopy | data recovery tool for problematic or damaged media | safecopy-1.7 |
samdump2 | Dump Windows 2k/NT/XP password hashes | samdump2-3.0.0 |
scalpel | fast filesystem-independent file recovery | scalpel-2.1 |
scrounge-ntfs | Data recovery program for NTFS filesystems | scrounge-ntfs-0.9 |
sleuthkit | tools for forensics analysis on volume and filesystem data | sleuthkit-4.12.1 |
sqlitebrowser | GUI editor for SQLite databases | sqlitebrowser-3.13.1 |
ssdeep | recursive piecewise hashing tool | ssdeep-2.14.1 |
tcpdump | command-line network traffic analyzer | tcpdump-4.99.5 |
tcpflow | TCP flow recorder | tcpflow-1.6.1 |
tcpick | TCP stream sniffer and connection tracker | cantfind |
tcpreplay | Tool to replay saved tcpdump files at arbitrary speeds | tcpreplay-4.5.1 |
truecrack | Bruteforce password cracker for TrueCrypt volumes | truecrack-3.6 |
undbx | tool to extract, recover and undelete e-mail messages from .dbx files | undbx-0.22-unstable-2019-02-11 |
unhide | forensic tool to find hidden processes and ports | unhide-20220611 |
unrar \| unar | | unrar-7.0.9 |
upx-ucl | efficient live-compressor for executables | upx-4.2.4 |
vinetto | forensics tool to examine Thumbs.db files | cantfind |
wce | | cantfind |
winregfs | Windows registry FUSE filesystem | cantfind |
wireshark | network traffic analyzer - graphical interface | wireshark-qt-4.2.8 |
xmount | tool for crossmounting between disk image formats | cantfind |
xplico | Network Forensic Analysis Tool (NFAT) | cantfind |
yara | Pattern matching swiss knife for malware researchers | yara-4.5.0 |
fuzzing
Kali Package | Description | Nix derivation |
---|---|---|
afl++ | instrumentation-driven fuzzer for binary formats | aflplusplus-4.21c |
sfuzz | Black Box testing utilities | cantfind |
spike | Network protocol fuzzer | spike-1.1.0-unstable-2024-09-21 |
wfuzz | Web application bruteforcer | python3.12-wfuzz-3.1.0 |
gpu
Kali Package | Description | Nix derivation |
---|---|---|
oclgausscrack | Cracks verification hashes of the Gauss Virus | cantfind |
truecrack | Bruteforce password cracker for TrueCrypt volumes | truecrack-3.6 |
hardware
Kali Package | Description | Nix derivation |
---|---|---|
binwalk | tool library for analyzing binary blobs and executable code | python3.12-binwalk-full-2.4.3 |
cutecom | Graphical serial terminal, like minicom | cutecom-0.51.0+patch |
flashrom | Identify, read, write, erase, and verify BIOS/ROM/flash chips | flashrom-1.3.0 |
minicom | Friendly menu driven serial communication program | minicom-2.9 |
openocd | Open on-chip JTAG/SWD debug solution for embedded target devices | openocd-0.12.0 |
qemu-system-x86 | QEMU full system emulation binaries (x86) | qemu-9.1.1 |
qemu-user | QEMU user mode emulation (static binaries) | qemu-user-9.1.1 |
radare2 | free and advanced command line hexadecimal editor | radare2-5.9.6 |
rizin-cutter | reverse engineering platform powered by rizin | cutter-2.3.4 |
rz-ghidra | ghidra decompiler and sleigh disassembler for rizin | rz-ghidra-0.7.0 |
identify
Kali Package | Description | Nix derivation |
---|---|---|
amass | In-depth DNS Enumeration and Network Mapping | amass-4.2.0 |
assetfinder | Find domains and subdomains related to a given domain | assetfinder-0.1.1 |
cisco-auditing-tool | Scans Cisco routers for vulnerabilities | cantfind |
defectdojo | security orchestration and vulnerability management platform | cantfind |
exploitdb | Searchable Exploit Database archive | exploitdb-2024-10-02 |
hb-honeypot | Heartbleed Honeypot Script | hb-honeypot-0-unstable-2024-02-13 |
kali-autopilot | tool for automatic attack scripts in Kali | cantfind |
maltego | | maltego-4.8.0 |
maryam | OWASP Maryam is a modular/optional open source framework bas | cantfind |
nipper-ng | Device security configuration review tool | cantfind |
osrframework | Open Sources Research Framework | cantfind |
spiderfoot | OSINT collection and reconnaissance tool | cantfind |
tiger | security auditing and intrusion detection tools for Linux | cantfind |
wapiti | web application vulnerability scanner | wapiti-3.2.1 |
witnessme | Web Inventory tool | witnessme-0-unstable-2023-12-06 |
zaproxy | Testing tool for finding vulnerabilities in web applications | zap-2.15.0 |
information-gathering
Kali Package | Description | Nix derivation |
---|---|---|
0trace | traceroute tool that can run within an existing TCP connection | cantfind |
arping \| iputils-arping | | arping-2.25 |
braa | Mass SNMP scanner | braa-0.82 |
dmitry | Deepmagic Information Gathering Tool | dmitry-1.3a-unstable-2020-06-22 |
dnsenum | tool to enumerate domain DNS information | dnsenum-1.2.4.2 |
dnsmap | DNS domain name brute forcing tool | dnsmap-0.36-unstable-2024-08-20 |
dnsrecon | Powerful DNS enumeration script | dnsrecon-1.3.1 |
dnstracer | trace DNS queries to the source | dnstracer-1.10 |
dnswalk | Checks dns zone information using nameserver lookups | cantfind |
enum4linux | Enumerates info from Windows and Samba systems | enum4linux-0.9.1 |
fierce | Domain DNS scanner | fierce-1.6.0 |
firewalk | active reconnaissance network security tool | firewalk-5.0 |
fping | sends ICMP ECHO_REQUEST packets to network hosts | fping-5.2 |
fragrouter | IDS evasion toolkit | cantfind |
ftester | Tool for testing firewalls and Intrusion Detection System (IDS) | cantfind |
hping3 | Active Network Smashing Tool | hping-2014-12-26 |
ike-scan | discover and fingerprint IKE hosts (IPsec VPN Servers) | ike-scan-1.9.5 |
intrace | Traceroute-like application piggybacking on existing TCP connections | cantfind |
irpas | | cantfind |
lbd | Load balancer detector | lbd-0-unstable-2024-02-17 |
legion | semi-automated network penetration testing tool | cantfind |
maltego | | maltego-4.8.0 |
masscan | TCP port scanner | masscan-1.3.2 |
metagoofil | Tool designed for extracting metadata of public documents | cantfind |
nbtscan | scan networks searching for NetBIOS information | nbtscan-1.7.2-unstable-2022-10-29 |
ncat | | nmap-7.95 |
netdiscover | active/passive network address scanner using ARP requests | netdiscover-0.10 |
netmask | helps determine network masks | netmask-2.4.4 |
nmap | | nmap-7.95 |
onesixtyone | fast and simple SNMP scanner | onesixtyone-unstable-2019-12-26 |
p0f | Passive OS fingerprinting tool | p0f-3.09b |
qsslcaudit | test SSL/TLS clients how secure they are | cantfind |
recon-ng | Web Reconnaissance framework written in Python | cantfind |
smbmap | handy SMB enumeration tool | smbmap-1.10.5 |
smtp-user-enum | Username guessing tool for the SMTP service | cantfind |
snmpcheck | SNMP service enumeration tool | net-snmp-5.9.4 |
ssldump | SSLv3/TLS network protocol analyzer | ssldump-1.8-unstable-2024-10-16 |
sslh | Applicative protocol multiplexer | sslh-2.1.2 |
sslscan | Tests SSL/TLS enabled services to discover supported cipher suites | sslscan-2.1.5 |
sslyze | Fast and full-featured SSL scanner | broken |
swaks | SMTP command-line test tool | swaks-20240103.0 |
thc-ipv6 | The Hacker Choice's IPv6 Attack Toolkit | thc-ipv6-3.8 |
theharvester | tool for gathering e-mail accounts and subdomain names from public sources | theharvester-4.6.0 |
tlssled | Evaluates the security of a target SSL/TLS (HTTPS) server | cantfind |
twofi | Twitter words of interest | cantfind |
unicornscan | Userland distributed TCP/IP stack | cantfind |
urlcrazy | | cantfind |
wafw00f | identify and fingerprint Web Application Firewall products | wafw00f-2.2.0 |
zenmap | | nmap-7.95 |
passwords
Kali Package | Description | Nix derivation |
---|---|---|
cewl | custom word list generator | cewl-5.5.2 |
chntpw | NT SAM password recovery utility | chntpw-140201 |
cisco-auditing-tool | Scans Cisco routers for vulnerabilities | cantfind |
cmospwd | decrypt BIOS passwords from CMOS | cmospwd-5.1 |
crackle | Crack and decrypt BLE encryption | crackle-unstable-2020-12-13 |
creddump7 | Python tool to extract credentials and secrets from Windows registry hives | cantfind |
crunch | tool for creating wordlist | crunch-3.6 |
fcrackzip | password cracker for zip archives | fcrackzip-1.0 |
freerdp2-x11 | RDP client for Windows Terminal Services (X11 client) | freerdp-2.11.7 |
gpp-decrypt | Group Policy Preferences decrypter | cantfind |
hash-identifier | Tool to identify hash types | hash-identifier-1.2 |
hashcat | World's fastest and most advanced password recovery utility | hashcat-6.2.6 |
hashcat-utils | Set of small utilities for advanced password cracking | hashcat-utils-1.9 |
hashid | Identify the different types of hashes used to encrypt data | hashid-3.1.4-unstable-2015-03-17 |
hydra | very fast network logon cracker | thc-hydra-9.5 |
john | active password cracking tool | john-rolling-2404 |
johnny | GUI for John the Ripper | johnny-2.2 |
maskprocessor | high-performance word generator with a per-position configurable charset | cantfind |
medusa | fast, parallel, modular, login brute-forcer for network services | medusa-unstable-2018-12-16 |
mimikatz | Uses admin rights on Windows to display passwords in plaintext | mimikatz-2.2.0-20220919 |
ncrack | High-speed network authentication cracking tool | ncrack-0.7 |
onesixtyone | fast and simple SNMP scanner | onesixtyone-unstable-2019-12-26 |
ophcrack | Microsoft Windows password cracker using rainbow tables (gui) | ophcrack-3.8.0 |
ophcrack-cli | Microsoft Windows password cracker using rainbow tables (cmdline) | ophcrack-3.8.0 |
pack | Password analysis and cracking kit | cantfind |
pack2 | Password analysis and cracking kit 2 | cantfind |
passing-the-hash | Patched tools to use password hashes as authentication input | cantfind |
patator | Multi-purpose brute-forcer | python3.12-patator-1.0 |
pdfcrack | PDF files password cracker | pdfcrack-0.20 |
pipal | Statistical analysis on password dumps | cantfind |
polenum | Extracts the password policy from a Windows system | polenum-1.6.1-unstable-2024-07-30 |
rainbowcrack | Rainbow table password cracker | rainbowcrack-1.8 |
rarcrack | Password cracker for rar archives | rarcrack-0.2 |
rcracki-mt | Version of rcrack that supports hybrid and indexed tables | cantfind |
rsmangler | Wordlist mangling tool | rsmangler-1.5-unstable-2019-07-24 |
samdump2 | Dump Windows 2k/NT/XP password hashes | samdump2-3.0.0 |
seclists | Collection of multiple types of security lists | seclists-2024.3 |
sipcrack | SIP login dumper/cracker | cantfind |
sipvicious | tools to audit SIP based VoIP systems | sipvicious-0.3.4 |
smbmap | handy SMB enumeration tool | smbmap-1.10.5 |
sqldict | Dictionary attack tool for SQL Server | cantfind |
statsprocessor | word generator based on per-position Markov chains | cantfind |
sucrack | multithreaded su bruteforcer | cantfind |
thc-pptp-bruter | THC PPTP Brute Force | cantfind |
truecrack | Bruteforce password cracker for TrueCrypt volumes | truecrack-3.6 |
twofi | Twitter words of interest | cantfind |
wordlists | Contains the rockyou wordlist | wordlists |
post-exploitation
Kali Package | Description | Nix derivation |
---|---|---|
cymothoa | Stealth backdooring tool | cantfind |
dbd | Netcat clone with encryption | dbd-1.50-unstable-2016-01-04 |
dns2tcp | TCP-over-DNS tunnel server and client | dns2tcp-0.5.2 |
exe2hexbat | Convert EXE to bat | exe2hex-1.5.2-unstable-2020-04-27 |
iodine | tool for tunneling IPv4 data through a DNS server | iodine-0.8.0 |
laudanum | Collection of injectable web files | laudanum-1.0-unstable-2017-12-15 |
mimikatz | Uses admin rights on Windows to display passwords in plaintext | mimikatz-2.2.0-20220919 |
miredo | Teredo IPv6 tunneling through NATs | miredo-1.2.6 |
nishang | Collection of PowerShell scripts and payloads | cantfind |
powersploit | PowerShell Post-Exploitation Framework | powersploit-3.0.0-unstable-2020-08-22 |
proxychains4 | redirect connections through socks/http proxies (proxychains-ng) | proxychains-4.4.0 |
proxytunnel | Help SSH and other protocols through HTTP(S) proxies | cantfind |
ptunnel | Tunnel TCP connections over ICMP packets | ptunnel-0.72 |
pwnat | NAT to NAT client-server communication | pwnat-2023-03-31 |
sbd | Secure backdoor for linux and windows | cantfind |
shellter | | cantfind |
sslh | Applicative protocol multiplexer | sslh-2.1.2 |
stunnel4 | Universal SSL tunnel for network daemons | stunnel-5.73 |
udptunnel | tunnel UDP packets over a TCP connection | udptunnel-19 |
veil | Generates payloads to bypass anti-virus solutions | cantfind |
webacoo | Web backdoor cookie script kit | cantfind |
weevely | Stealth tiny web shell | weevely-4.0.2-unstable-2024-04-29 |
protect
Kali Package | Description | Nix derivation |
---|---|---|
clamav | anti-virus utility for Unix - command-line interface | clamav-1.4.1 |
cryptsetup | disk encryption support - startup scripts | cryptsetup-2.7.5 |
cryptsetup-initramfs | disk encryption support - initramfs integration | cryptsetup-2.7.5 |
cryptsetup-nuke-password | Erase the LUKS keys with a special password on the unlock prompt | cantfind |
fwbuilder | Firewall administration tool GUI | fwbuilder-6.0.0-rc1 |
recover
Kali Package | Description | Nix derivation |
---|---|---|
ddrescue | data recovery and protection tool | ddrescue-1.28 |
ext3grep | tool to help recover deleted files on ext3 filesystems | ext3grep-0.10.2 |
extundelete | utility to recover deleted files from ext3/ext4 partition | extundelete-0.2.4 |
myrescue | rescue data from damaged disks | myrescue-0.9.8 |
recoverdm | recover files on disks with damaged sectors | recoverdm-0.20-8 |
recoverjpeg | recover JFIF (JPEG) pictures and MOV movies | recoverjpeg-2.6.3 |
scrounge-ntfs | Data recovery program for NTFS filesystems | scrounge-ntfs-0.9 |
undbx | tool to extract, recover and undelete e-mail messages from .dbx files | undbx-0.22-unstable-2019-02-11 |
reporting
Kali Package | Description | Nix derivation |
---|---|---|
cutycapt | utility to capture WebKit's rendering of a web page | cantfind |
dradis | Collaboration tools for penetration testing | cantfind |
eyewitness | Rapid web application triage tool | eye-witness-20230525.1 |
faraday | Collaborative Penetration Test IDE | faraday-0.2.11-alpha |
maltego | | maltego-4.8.0 |
metagoofil | Tool designed for extracting metadata of public documents | cantfind |
pipal | Statistical analysis on password dumps | cantfind |
recordmydesktop | Captures audio-video data of a Linux desktop session | cantfind |
respond
Kali Package | Description | Nix derivation |
---|---|---|
ewf-tools | collection of tools for reading and writing EWF files | libewf-20231119 |
ghidra | Software Reverse Engineering Framework | ghidra-11.2.1 |
guymager | Forensic imaging tool based on Qt | guymager-0.8.13 |
hashrat | hashing tool supporting several hashes and recursivity | hashrat-1.22 |
impacket-scripts | Links to useful impacket scripts examples | python3.11-impacket-0.12.0 |
netsniff-ng | Linux network packet sniffer toolkit | netsniff-ng-0.6.8 |
reverse-engineering
Kali Package | Description | Nix derivation |
---|---|---|
apktool | tool for reverse engineering Android apk files | apktool-2.10.0 |
bytecode-viewer | Java 8+ Jar & Android APK Reverse Engineering Suite | bytecode-viewer-2.12 |
clang | C, C++ and Objective-C compiler (LLVM based), clang binary | clang-18.1.8 |
dex2jar | Tools to work with android .dex and java .class files | dex2jar-2.4 |
edb-debugger | cross platform x86/x86-64 debugger | cantfind |
jadx | Dex to Java decompiler | jadx-1.5.0 |
javasnoop | Intercept Java applications locally | cantfind |
jd-gui | GUI Java .class decompiler | broken |
metasploit-framework | Framework for exploit development and vulnerability research | metasploit-framework-6.4.36 |
ollydbg | 32-bit assembler level analysing debugger | not-applicable |
radare2 | free and advanced command line hexadecimal editor | radare2-5.9.6 |
rizin-cutter | reverse engineering platform powered by rizin | cutter-2.3.4 |
rz-ghidra | ghidra decompiler and sleigh disassembler for rizin | rz-ghidra-0.7.0 |
rfid
Kali Package | Description | Nix derivation |
---|---|---|
gnuradio | GNU Radio Software Radio Toolkit | gnuradio-3.10.11.0 |
libfreefare-bin | MIFARE card manipulations binaries | libfreefare-0.4.0 |
libnfc-bin | Near Field Communication (NFC) binaries | libnfc-1.8.0 |
mfcuk | MiFare Classic Universal toolKit | mfcuk-0.3.8 |
mfoc | MIFARE Classic offline cracker | mfoc-0.10.7 |
mfterm | Terminal for working with Mifare Classic 1-4k Tags | cantfind |
proxmark3 | Firmware, flasher, and client for the Proxmark3 | proxmark3-4.18994 |
rfdump | tool to decode RFID tag data | rfdump-1.6 |
sdr
Kali Package | Description | Nix derivation |
---|---|---|
chirp | Configuration tool for amateur radios | chirp-0.4.0-unstable-2024-10-03 |
gnuradio | GNU Radio Software Radio Toolkit | gnuradio-3.10.11.0 |
gqrx-sdr | Software defined radio receiver | gqrx-2.17.5 |
gr-air-modes | Gnuradio Mode-S/ADS-B radio | cantfind |
gr-iqbal | GNU Radio Blind IQ imbalance estimator and correction | cantfind |
gr-osmosdr | Gnuradio blocks from the OsmoSDR project | gr-osmosdr-0.2.6 |
hackrf | Software defined radio peripheral - utilities | hackrf-2024.02.1 |
inspectrum | tool for visualising captured radio signals | inspectrum-0.3.1 |
kalibrate-rtl | Calculate local oscillator frequency offset using GSM base stations | kalibrate-rtl-unstable-2022-02-02 |
multimon-ng | digital radio transmission decoder | multimon-ng-1.3.1 |
uhd-host | universal hardware driver for Ettus Research products - host apps | uhd-4.7.0.0 |
uhd-images | Various UHD Images | not-applicable |
sniffing-spoofing
Kali Package | Description | Nix derivation |
---|---|---|
above | Invisible protocol sniffer for finding vulnerabilities in the network | cantfind |
bettercap | Complete, modular, portable and easily extensible MITM framework | bettercap-2.32.0 |
darkstat | network traffic analyzer | darkstat-3.0.721 |
dnschef | DNS proxy for penetration testers | dnschef-0.4 |
driftnet | picks out and displays images from network traffic | driftnet-1.5.0 |
dsniff | Various tools to sniff network traffic for cleartext insecurities | dsniff-2.4b1 |
ettercap-graphical \| ettercap-text-only | | ettercap-0.8.3.1 |
ferret-sidejack | Monitors data and extracts interesting data | cantfind |
fiked | Cisco VPN attack tool | cantfind |
hamster-sidejack | Sidejacking tool | cantfind |
hexinject | Versatile packet injector and sniffer | cantfind |
isr-evilgrade | Evilgrade framework | cantfind |
macchanger | utility for manipulating the MAC address of network interfaces | macchanger-1.7.0 |
mitmproxy | SSL-capable man-in-the-middle HTTP proxy | python3.12-mitmproxy-11.0.0 |
netsniff-ng | Linux network packet sniffer toolkit | netsniff-ng-0.6.8 |
rebind | DNS rebinding tool | cantfind |
responder | LLMNR/NBT-NS/mDNS Poisoner | responder-3.1.4.0 |
sniffjoke | Transparent TCP connection scrambler | cantfind |
sslsniff | SSL/TLS man-in-the-middle attack tool | cantfind |
sslsplit | transparent and scalable SSL/TLS interception | sslsplit-0.5.5 |
tcpflow | TCP flow recorder | tcpflow-1.6.1 |
tcpreplay | Tool to replay saved tcpdump files at arbitrary speeds | tcpreplay-4.5.1 |
wifi-honey | Wi-Fi honeypot | cantfind |
wireshark | network traffic analyzer - graphical interface | wireshark-qt-4.2.8 |
yersinia | Network vulnerabilities check software | yersinia-unstable-2022-11-20 |
social-engineering
Kali Package | Description | Nix derivation |
---|---|---|
beef-xss | Browser Exploitation Framework (BeEF) | cantfind |
maltego | | maltego-4.8.0 |
msfpc | MSFvenom Payload Creator (MSFPC) | msfpc-1.4.5 |
set | Social-Engineer Toolkit | cantfind |
veil | Generates payloads to bypass anti-virus solutions | cantfind |
top10
Kali Package | Description | Nix derivation |
---|---|---|
aircrack-ng | wireless WEP/WPA cracking utilities | aircrack-ng-1.7 |
burpsuite | platform for security testing of web applications | burpsuite-2024.8.5 |
hydra | very fast network logon cracker | thc-hydra-9.5 |
john | active password cracking tool | john-rolling-2404 |
metasploit-framework | Framework for exploit development and vulnerability research | metasploit-framework-6.4.36 |
netexec | Network Execution Tool | netexec-1.1.0-unstable-2024-01-15 |
nmap | | nmap-7.95 |
responder | LLMNR/NBT-NS/mDNS Poisoner | responder-3.1.4.0 |
sqlmap | automatic SQL injection tool | python3.12-sqlmap-1.8.9 |
wireshark | network traffic analyzer - graphical interface | wireshark-qt-4.2.8 |
voip
Kali Package | Description | Nix derivation |
---|---|---|
enumiax | IAX protocol username enumerator | cantfind |
iaxflood | VoIP flooder tool | cantfind |
inviteflood | SIP/SDP INVITE message flooding over UDP/IP | cantfind |
libfindrtp | Library required by multiple VoIP tools | cantfind |
nmap | | nmap-7.95 |
ohrwurm | RTP fuzzer | cantfind |
protos-sip | SIP test suite | cantfind |
rtpbreak | Detects, reconstructs, and analyzes RTP sessions | cantfind |
rtpflood | Tool to flood any RTP device | cantfind |
rtpinsertsound | Inserts audio into a specified stream | cantfind |
rtpmixsound | Mixes pre-recorded audio in real-time | cantfind |
sctpscan | SCTP network scanner for discovery and security | cantfind |
siparmyknife | SIP fuzzing tool | cantfind |
sipcrack | SIP login dumper/cracker | cantfind |
sipp | Traffic generator for the SIP protocol | sipp-3.6.1 |
sipvicious | tools to audit SIP based VoIP systems | sipvicious-0.3.4 |
voiphopper | Runs a VLAN hop security test | cantfind |
wireshark | network traffic analyzer - graphical interface | wireshark-qt-4.2.8 |
vulnerability
Kali Package | Description | Nix derivation |
---|---|---|
afl++ | instrumentation-driven fuzzer for binary formats | aflplusplus-4.21c |
bed | A network protocol fuzzer | cantfind |
cisco-auditing-tool | Scans Cisco routers for vulnerabilities | cantfind |
cisco-global-exploiter | Simple and fast Cisco exploitation tool | cantfind |
cisco-ocs | Mass Cisco scanner | cantfind |
cisco-torch | Cisco device scanner | cantfind |
copy-router-config | Copies Cisco configs via SNMP | cantfind |
dhcpig | DHCP exhaustion script using scapy network library | dhcpig-1.6 |
enumiax | IAX protocol username enumerator | cantfind |
gvm | remote network security auditor - metapackage and useful scripts | cantfind |
iaxflood | VoIP flooder tool | cantfind |
inviteflood | SIP/SDP INVITE message flooding over UDP/IP | cantfind |
legion | semi-automated network penetration testing tool | cantfind |
lynis | security auditing tool for Unix based systems | lynis-3.1.2 |
nikto | | nikto-2.5.0 |
nmap | | nmap-7.95 |
ohrwurm | RTP fuzzer | cantfind |
peass | Privilege Escalation Awesome Scripts SUITE | cantfind |
protos-sip | SIP test suite | cantfind |
rtpbreak | Detects, reconstructs, and analyzes RTP sessions | cantfind |
rtpflood | Tool to flood any RTP device | cantfind |
rtpinsertsound | Inserts audio into a specified stream | cantfind |
rtpmixsound | Mixes pre-recorded audio in real-time | cantfind |
sctpscan | SCTP network scanner for discovery and security | cantfind |
sfuzz | Black Box testing utilities | cantfind |
siege | HTTP regression testing and benchmarking utility | siege-4.1.6 |
siparmyknife | SIP fuzzing tool | cantfind |
sipp | Traffic generator for the SIP protocol | sipp-3.6.1 |
sipsak | SIP Swiss army knife | sipsak-4.1.2.1 |
sipvicious | tools to audit SIP based VoIP systems | sipvicious-0.3.4 |
slowhttptest | application layer Denial of Service attacks simulation tool | slowhttptest-1.9.0 |
spike | Network protocol fuzzer | spike-1.1.0-unstable-2024-09-21 |
t50 | Multi-protocol packet injector tool | cantfind |
thc-ssl-dos | Stress tester for the SSL handshake | cantfind |
unix-privesc-check | Script to check for simple privilege escalation vectors | unix-privesc-check-unresholved-1.4 |
voiphopper | Runs a VLAN hop security test | cantfind |
yersinia | Network vulnerabilities check software | yersinia-unstable-2022-11-20 |
web
Kali Package | Description | Nix derivation |
---|---|---|
apache-users | Enumerate usernames on systems with Apache UserDir module | apache-users-2.1 |
apache2 | Apache HTTP Server | apache-httpd-2.4.62 |
beef-xss | Browser Exploitation Framework (BeEF) | cantfind |
burpsuite | platform for security testing of web applications | burpsuite-2024.8.5 |
cadaver | command-line WebDAV client | cadaver-0.24 |
commix | Automated All-in-One OS Command Injection and Exploitation Tool | commix-3.9 |
cutycapt | utility to capture WebKit's rendering of a web page | cantfind |
davtest | Testing tool for WebDAV servers | davtest-1.0 |
default-mysql-server | MySQL database server binaries and system database setup (metapackage) | mariadb-server-10.11.10 |
dirb | URL bruteforcing tool | dirb-2.22 |
dirbuster | Web server directory brute-forcer | dirbuster-1.0-RC1 |
dotdotpwn | Directory Traversal Fuzzer. | cantfind |
eyewitness | Rapid web application triage tool | eye-witness-20230525.1 |
ferret-sidejack | Monitors data and extracts interesting data | cantfind |
ftester | Tool for testing firewalls and Intrusion Detection System (IDS) | cantfind |
hakrawler | Web crawler designed for easy, quick discovery of endpoints and assets | hakrawler-2.1 |
hamster-sidejack | Sidejacking tool | cantfind |
heartleech | Scanner detecting systems vulnerable to the heartbleed OpenSSL bug | cantfind |
httprint | | cantfind |
httrack | Copy websites to your computer (Offline browser) | httrack-3.49.2 |
hydra | very fast network logon cracker | thc-hydra-9.5 |
jboss-autopwn | JBoss script for obtaining remote shell access | cantfind |
joomscan | OWASP Joomla Vulnerability Scanner Project | joomscan-unstable-2021-06-08 |
jsql-injection | Java tool for automatic database injection | cantfind |
laudanum | Collection of injectable web files | laudanum-1.0-unstable-2017-12-15 |
lbd | Load balancer detector | lbd-0-unstable-2024-02-17 |
maltego | | maltego-4.8.0 |
medusa | fast, parallel, modular, login brute-forcer for network services | medusa-unstable-2018-12-16 |
mitmproxy | SSL-capable man-in-the-middle HTTP proxy | python3.12-mitmproxy-11.0.0 |
ncrack | High-speed network authentication cracking tool | ncrack-0.7 |
nikto | | nikto-2.5.0 |
nishang | Collection of PowerShell scripts and payloads | cantfind |
nmap | | nmap-7.95 |
oscanner | Oracle assessment framework | cantfind |
owasp-mantra-ff | | cantfind |
padbuster | Script for performing Padding Oracle attacks | padbuster-0.3.3 |
paros | Web application proxy | cantfind |
patator | Multi-purpose brute-forcer | python3.12-patator-1.0 |
php | server-side, HTML-embedded scripting language (default) | php-8.2.25 |
php-mysql | MySQL module for PHP [default] | php-mysqlnd-8.2.25 |
proxychains4 | redirect connections through socks/http proxies (proxychains-ng) | proxychains-4.4.0 |
proxytunnel | Help SSH and other protocols through HTTP(S) proxies | cantfind |
qsslcaudit | test SSL/TLS clients how secure they are | cantfind |
redsocks | arbitrary TCP connection redirector to a SOCKS or HTTPS proxy server | redsocks-0.5 |
sidguesser | Guesses sids against an Oracle database | cantfind |
siege | HTTP regression testing and benchmarking utility | siege-4.1.6 |
skipfish | fully automated, active web application security reconnaissance tool | cantfind |
slowhttptest | application layer Denial of Service attacks simulation tool | slowhttptest-1.9.0 |
sqldict | Dictionary attack tool for SQL Server | cantfind |
sqlitebrowser | GUI editor for SQLite databases | sqlitebrowser-3.13.1 |
sqlmap | automatic SQL injection tool | python3.12-sqlmap-1.8.9 |
sqlninja | SQL server injection and takeover tool | cantfind |
sqlsus | MySQL injection tool | cantfind |
ssldump | SSLv3/TLS network protocol analyzer | ssldump-1.8-unstable-2024-10-16 |
sslh | Applicative protocol multiplexer | sslh-2.1.2 |
sslscan | Tests SSL/TLS enabled services to discover supported cipher suites | sslscan-2.1.5 |
sslsniff | SSL/TLS man-in-the-middle attack tool | cantfind |
sslsplit | transparent and scalable SSL/TLS interception | sslsplit-0.5.5 |
sslyze | Fast and full-featured SSL scanner | broken |
stunnel4 | Universal SSL tunnel for network daemons | stunnel-5.73 |
thc-ssl-dos | Stress tester for the SSL handshake | cantfind |
tlssled | Evaluates the security of a target SSL/TLS (HTTPS) server | cantfind |
tnscmd10g | Tool to prod the oracle tnslsnr process | cantfind |
uniscan | LFI, RFI, and RCE vulnerability scanner | cantfind |
wafw00f | identify and fingerprint Web Application Firewall products | wafw00f-2.2.0 |
wapiti | web application vulnerability scanner | wapiti-3.2.1 |
watobo | Semi-automated web application scanner | cantfind |
webacoo | Web backdoor cookie script kit | cantfind |
webscarab | Web application review tool | cantfind |
webshells | Collection of webshells | not-applicable |
weevely | Stealth tiny web shell | weevely-4.0.2-unstable-2024-04-29 |
wfuzz | Web application bruteforcer | python3.12-wfuzz-3.1.0 |
whatweb | Next generation web scanner | whatweb-0.5.5 |
wireshark | network traffic analyzer - graphical interface | wireshark-qt-4.2.8 |
wpscan | | wpscan-3.8.27 |
xsser | XSS testing framework | cantfind |
zaproxy | Testing tool for finding vulnerabilities in web applications | zap-2.15.0 |
windows-resources
Kali Package | Description | Nix derivation |
---|---|---|
dbd | Netcat clone with encryption | dbd-1.50-unstable-2016-01-04 |
dnschef | DNS proxy for penetration testers | dnschef-0.4 |
heartleech | Scanner detecting systems vulnerable to the heartbleed OpenSSL bug | cantfind |
hyperion | Runtime encrypter for 32-bit portable executables | cantfind |
mimikatz | Uses admin rights on Windows to display passwords in plaintext | mimikatz-2.2.0-20220919 |
ncat-w32 | Netcat for the 21st century | not-applicable |
ollydbg | 32-bit assembler level analysing debugger | not-applicable |
powercat | netcat features all in powershell v2 | cantfind |
regripper | perform forensic analysis of registry hives | regripper-0-unstable-2024-11-02 |
sbd | Secure backdoor for linux and windows | cantfind |
secure-socket-funneling-windows-binaries | SSF - windows binaries | not-applicable |
shellter | | cantfind |
tftpd32 | Open source ipv6-ready TFTP server for Windows | not-applicable |
wce | | cantfind |
windows-binaries | | not-applicable |
windows-privesc-check | Windows privilege escalation checking tool | cantfind |
wireless
Kali Package | Description | Nix derivation |
---|---|---|
rfcat | Swiss army knife of sub-GHz radio | python3.12-rfcat-2.0.1 |
rfkill | tool for enabling and disabling wireless devices | util-linux-2.39.4 |
sakis3g | Tool for establishing 3G connections | cantfind |
spectools | Utilities for using the Wi-Spy USB spectrum analyzer hardware | cantfind |
wireshark | network traffic analyzer - graphical interface | wireshark-qt-4.2.8 |