Debian
Kali Linux
General penetration testing, CTF practice, web testing, wireless labs, and security training.
Start here when you want the most common learning environment and broad documentation.
Official siteCybersecurity student tools
This directory groups common security tools by learning workflow. Use them only in labs, owned systems, CTFs, or environments where you have explicit permission.
15 options
Debian
General penetration testing, CTF practice, web testing, wireless labs, and security training.
Start here when you want the most common learning environment and broad documentation.
Official siteDebian
Security labs, privacy-aware desktop work, forensics basics, and development.
Good when you want a security-focused daily lab desktop with privacy tools included.
Official siteArch Linux
Large penetration-testing tool repository, Arch-based labs, and advanced tool exploration.
Best for users already comfortable with Arch Linux and manual system maintenance.
Official siteGentoo
Live security testing environment, wireless work, exploit development, and low-level tuning.
Useful when you want a Gentoo-based security distro and are comfortable with deeper Linux control.
Official siteUbuntu
Security assessment, analysis, privacy, and lightweight lab workflows.
Good for learners who prefer an Ubuntu-based desktop with selected security tools.
Official siteUbuntu
Digital forensics, evidence handling, incident analysis, and recovery labs.
Choose this for forensic workflows instead of general penetration testing.
Official siteUbuntu
Malware analysis, reverse engineering support, suspicious document analysis, and memory artifacts.
Use in an isolated lab when studying malware behavior and analysis tooling.
Official siteWindows
Windows malware analysis, reverse engineering, forensics, debugging, and suspicious-file triage.
Choose this when your lab needs Windows-native malware and reverse-engineering tools.
Official siteDebian family
General Linux learning, manual tool installation, scripting, networking, and server fundamentals.
Best when you want to build Linux understanding before relying on a preloaded security distro.
Official siteUbuntu
Incident response, disk forensics, memory forensics, and timeline analysis.
Best for blue-team investigation labs and structured forensic case work.
Official siteUbuntu
Network security monitoring, IDS workflows, packet capture, logs, and threat hunting.
Use when you want to build a defensive monitoring lab instead of a pentest desktop.
Official siteDebian
Amnesic live sessions, privacy practice, Tor workflows, and sensitive browsing labs.
Good for learning privacy concepts; not a full penetration-testing distribution.
Official siteDebian
Tor isolation, privacy research, compartmentalized browsing, and anonymity education.
Use when traffic isolation and privacy architecture are the main learning goal.
Official siteFedora-based compartments
Security compartmentalization, isolated workflows, and high-risk research separation.
Best for advanced users who want strong isolation between tasks and virtual machines.
Official siteWindows
Windows-based offensive security labs, Active Directory testing, and Windows tooling.
Choose this when your lab needs Windows-native tools instead of a Linux distro.
Official site6 options
Free desktop hypervisor
Run Kali, Parrot, BlackArch, REMnux, Windows, and other lab machines on one computer.
Best first choice for students because it is free, common, and easy to use for snapshots and practice VMs.
Official siteDesktop hypervisor
Run Linux, Windows, and BSD virtual machines with strong VM management for cybersecurity labs.
Good when you want a polished VM experience, stable networking options, and compatibility with many prebuilt lab images.
Official sitemacOS desktop hypervisor
Run Kali, Windows, REMnux, and other lab VMs on macOS hosts.
Best for Mac users who need a VMware-style VM workflow for local cybersecurity labs.
Official siteLinux-native virtualization
Run hardware-accelerated virtual machines on Linux hosts with strong performance and control.
Good for Linux users who want fast local labs and are comfortable with deeper VM configuration.
Official siteBare-metal lab hypervisor
Build a dedicated home lab server with full VMs, LXC containers, snapshots, and virtual networks.
Best when you have spare hardware and want a more realistic multi-machine lab environment.
Official siteWindows virtualization
Run Windows and Linux lab VMs on supported Windows Pro, Enterprise, and Education systems.
Good for Windows-first labs, WSL2 users, and Microsoft ecosystem practice.
Official site10 languages
Must learn
Used for exploit scripts, automation, network tools, fuzzers, data analysis, and security libraries like Scapy, pwntools, and Impacket.
Start here for cybersecurity scripting, automation, and fast proof-of-concept work.
Must learn
Essential for Linux automation, command pipelines, recon one-liners, log parsing, and quick lab harnesses.
Learn early because nearly every Linux security workflow touches the shell.
Important
Low-level languages for understanding memory, buffer overflows, shellcode, OS internals, firmware, and network stacks.
Pick this when moving into systems security, binary exploitation, firmware, or vulnerability research.
Important
Helps you read disassembly, understand CPU-level behavior, debug binaries, and reason about ROP chains.
Learn enough to follow Ghidra, IDA, x64dbg, and debugger output during RE labs.
Important
Core client-side language for understanding XSS, DOM-based bugs, browser behavior, and modern web app attack surface.
Focus here if you want web app testing, bug bounty, or frontend security skills.
Important
Needed to understand SQL injection, joins, UNION queries, stored procedures, and secure database access patterns.
Learn alongside web security so you can both exploit and fix data-layer vulnerabilities.
Useful
Used for Windows administration, Active Directory enumeration, automation, incident response, and living-off-the-land concepts.
Important for Windows security, SOC work, Active Directory labs, and enterprise environments.
Useful
Compiles to standalone binaries and is used by many modern security tools such as Nuclei, Naabu, and Gobuster.
Good when you want fast, portable security tooling and simple deployment.
Useful
Memory-safe systems language useful for secure tooling, systems programming, and reducing memory-corruption bugs.
Good long-term choice for safer systems software and modern security engineering.
Useful
Common server-side web language where issues like file inclusion, injection, deserialization, and legacy CMS risks appear.
Useful for WordPress, older web apps, CTFs, and understanding common server-side vulnerability classes.
Try broader terms like password, network, web, packet, forensics, or analysis.
4 tools
Password Auditing
Advanced password recovery for authorized hash-auditing labs and defensive password-strength testing.
Password Auditing
Offline password auditing tool used to test password policy and hash exposure in controlled environments.
Password Auditing
Rainbow-table hash recovery tool mainly useful for understanding legacy unsalted hash weaknesses.
Password Auditing
Online hash lookup resource for quick checks of common unsalted hashes in training contexts.
2 tools
Network Discovery
Network mapper for host discovery, service inventory, and security auditing on networks you are allowed to assess.
Network Discovery
High-speed port scanner for large authorized address ranges before deeper service review.
2 tools
Packet Analysis
Network protocol analyzer for learning traffic patterns, troubleshooting, and packet-level investigation.
Packet Analysis
Command-line packet capture tool for collecting network evidence and troubleshooting traffic.
7 tools
Web Security
Free web application security testing proxy and scanner from the OWASP ecosystem.
Web Security
Manual web testing proxy for learning request interception, replay, and application security workflows.
Web Security
Automated SQL injection testing tool for controlled labs and explicitly authorized assessments.
Web Security
Web server scanner for finding common server issues, risky files, and configuration problems.
Web Security
WordPress security scanner for checking versions, plugins, themes, users, and known issues.
Web Security
Command-injection testing tool for controlled web application labs and authorized assessments.
Web Security
Browser security framework for studying client-side risk in intentionally vulnerable web labs.
3 tools
Web Discovery
Fast discovery tool for directories, DNS names, virtual hosts, and related web assets.
Web Discovery
Fast web fuzzer for content discovery, virtual-host checks, and parameter testing in labs.
Web Discovery
Flexible web fuzzer for experimenting with headers, cookies, forms, and request parameters.
1 tools
Analysis
Browser-based workspace for decoding, encoding, hashing, compression, and data transformation exercises.
2 tools
Lab Validation
Security testing framework best used in legal labs to understand vulnerability validation and remediation.
Lab Validation
Metasploit payload generation utility for controlled exploit-development and detection labs.
8 tools
Reverse Engineering
Software reverse-engineering suite for binary analysis, disassembly, and decompilation learning.
Reverse Engineering
Free edition of the IDA reverse-engineering platform for studying binaries and disassembly basics.
Reverse Engineering
Scriptable open source reverse-engineering framework for binary analysis and low-level inspection.
Reverse Engineering
Commercial reverse-engineering platform with a strong API and modern binary-analysis workflow.
Reverse Engineering
Open source Windows debugger for dynamic analysis of x86 and x64 programs.
Reverse Engineering
Graphical reverse-engineering interface built around Radare2 and Rizin-style workflows.
Reverse Engineering
Portable executable viewer and editor for inspecting Windows binary structure.
Reverse Engineering
Detect-It-Easy identifies compilers, packers, and file characteristics in unknown binaries.
7 tools
Forensics
Memory forensics framework for analyzing RAM images during incident response and malware labs.
Forensics
Open source digital forensics platform for analyzing disk images, filesystems, and investigation artifacts.
Forensics
Command-line forensic tools and libraries for analyzing disk images and filesystems.
Forensics
Firmware analysis utility for finding embedded filesystems, compressed data, and known signatures.
Forensics
File-carving tool for recovering known file types from raw images and damaged media.
Forensics
Metadata reader and writer for images, PDFs, documents, audio, and video files.
Forensics
Forensic imaging utility for creating and verifying disk images during evidence collection practice.
2 tools
Wireless Security
Wireless security assessment suite for authorized Wi-Fi labs and defensive wireless auditing.
Wireless Security
Wireless network detector and sniffer for passive Wi-Fi and radio environment observation.
2 tools
Authentication Testing
Authentication testing tool for controlled labs and authorized checks of login hardening.
Authentication Testing
Parallel login-auditing tool for controlled checks against authorized lab services.
2 tools
Network Utilities
Small networking utility for opening TCP/UDP connections, banner checks, and lab troubleshooting.
Network Utilities
Modern Netcat-style utility from the Nmap project with SSL, proxy, and connection brokering support.
2 tools
Network Security
Network security framework for studying traffic interception and local-network attack paths in labs.
Network Security
Python library for crafting, sending, receiving, and analyzing packets in custom network experiments.
3 tools
Active Directory
Windows network lab tool for demonstrating name-resolution poisoning and credential exposure risk.
Active Directory
Python network protocol toolkit widely used for Windows and Active Directory security labs.
Active Directory
Kerberos account-enumeration and authentication-testing tool for controlled AD lab environments.
1 tools
Vulnerability Scanning
Template-based scanner for quickly checking known exposures and misconfigurations in authorized scopes.
3 tools
Practice Labs
Intentionally vulnerable PHP/MySQL web app for practicing common web vulnerabilities locally.
Practice Labs
OWASP intentionally vulnerable web application with lessons for common web security flaws.
Practice Labs
Intentionally vulnerable Linux VM commonly used for safe Metasploit and network-security practice.
3 tools
Exploit Development
Python library that simplifies CTF exploit scripts, process interaction, and binary challenge automation.
Exploit Development
Binary analysis helper for finding return-oriented programming gadgets in exploit-development labs.
Exploit Development
GNU Debugger plus security-focused plugins for inspecting crashes, memory, registers, and heap state.
1 tools
Research
Public exploit and proof-of-concept archive useful for vulnerability research and lab reproduction.
1 tools
Wordlists
Large collection of security testing wordlists for passwords, discovery, DNS, and fuzzing labs.
8 tools
OSINT
Graph-based OSINT platform for mapping relationships between infrastructure, identities, and public data.
OSINT
Reconnaissance tool for collecting public emails, names, domains, hosts, and related metadata.
OSINT
Search engine for internet-connected services, devices, banners, and exposed infrastructure.
OSINT
Internet search platform focused on exposed services, certificates, and infrastructure discovery.
OSINT
Modular web reconnaissance framework for organizing repeatable OSINT collection workflows.
OSINT
Automated OSINT platform for collecting public information about domains, IPs, emails, and entities.
OSINT
OWASP tool for subdomain enumeration and external attack-surface discovery.
OSINT
Browser-based directory of OSINT resources organized by investigation category.
8 tools
Malware Analysis
Interactive online malware sandbox for observing process, file, registry, and network behavior.
Malware Analysis
Self-hosted automated malware analysis sandbox for controlled behavioral reports.
Malware Analysis
Online malware-analysis service for automated behavioral reports and indicator extraction.
Malware Analysis
Multi-engine file, URL, domain, and hash triage platform for suspicious artifacts.
Malware Analysis
Pattern-matching language for writing detection rules based on strings and binary features.
Malware Analysis
Static Windows executable triage tool for imports, strings, indicators, entropy, and PE metadata.
Malware Analysis
Process scanner for finding injected, replaced, or suspicious executable code in memory.
Malware Analysis
Mandiant string-extraction tool for recovering obfuscated strings from malware samples.
6 tools
Cloud Security
AWS security testing framework for controlled cloud labs and authorized assessment workflows.
Cloud Security
Multi-cloud security posture review tool that reports risky configuration and permission patterns.
Cloud Security
Cloud security and compliance assessment tool for common benchmark and best-practice checks.
Cloud Security
AWS environment mapping tool for visualizing accounts, networks, and public exposure.
Cloud Security
Cloud enumeration tool that helps identify potentially risky paths across AWS environments.
Cloud Security
S3 bucket review tool for checking cloud storage exposure in authorized scopes.
2 tools
Container Security
Scanner for container images, filesystems, IaC, dependencies, secrets, and SBOMs.
Container Security
Kubernetes security tool for finding common cluster weaknesses in authorized environments.
7 tools
Practice Platforms
Guided cybersecurity learning platform with browser labs and structured beginner-to-intermediate paths.
Practice Platforms
Hands-on security lab platform with vulnerable machines, challenges, and structured academy content.
Practice Platforms
Student-friendly CTF platform with a large archive of beginner and intermediate challenges.
Practice Platforms
SSH-based wargames for learning Linux, shell usage, permissions, and security basics.
Practice Platforms
Systems security education platform focused on binary exploitation and low-level security.
Practice Platforms
Archive of intentionally vulnerable virtual machines for offline local lab practice.
Practice Platforms
Challenge platform covering web, network, forensics, cryptography, reverse engineering, and more.
7 tools
Workflow Essentials
Version-control workflow for storing scripts, notes, reports, and a public learning portfolio.
Workflow Essentials
Container platform for running tools, vulnerable apps, databases, and repeatable lab environments.
Workflow Essentials
Terminal multiplexer for persistent sessions, panes, and organized command-line workflows.
Workflow Essentials
Extensible code editor useful for security scripts, notes, remote editing, and lab automation.
Workflow Essentials
Local markdown note-taking app for linked cybersecurity notes, CTF writeups, and study maps.
Workflow Essentials
Screenshot and annotation tool useful for clean lab notes, reports, and CTF documentation.
Workflow Essentials
Offline password manager for lab credentials, API keys, SSH passphrases, and account hygiene.
1 tools
Cryptography
Command-line toolkit for TLS, certificates, keys, hashes, and cryptographic troubleshooting.
1 tools
API Security
Interactive OpenAPI documentation interface for understanding and testing API behavior.
10 tools
AI Security
Community risk framework for understanding common security failures in LLM-powered applications.
AI Security
Open source LLM vulnerability scanner for probing model and chatbot failure modes.
AI Security
Microsoft's Python Risk Identification Tool for structured generative-AI red-team automation.
AI Security
LLM testing and security platform for prompt evaluation, regression tests, and adversarial checks.
AI Security
AI agent evaluation and red-teaming platform for finding security, hallucination, and business-failure risks.
AI Security
NVIDIA open source Python toolkit for adding programmable guardrails to LLM applications.
AI Security
ML model security scanner focused on detecting risky model serialization artifacts.
AI Security
Security toolkit for scanning and sanitizing LLM inputs and outputs.
AI Security
Meta safety model family and recipes for classifying human-AI conversation safety risks.
AI Security
Knowledge base of adversary tactics and techniques against AI-enabled systems.