GyoiThon : GyoiThon is a growing penetration test tool using Machine Learning ( https://github.com/gyoisamurai/GyoiThon )
amass : Subdomain OSINT Enumeration ( https://github.com/OWASP/Amass )
aquatone : A Tool for Domain Flyovers ( https://github.com/michenriksen/aquatone https://michenriksen.com/blog/aquatone-now-in-go/ )
armitage : Cyber Attack Management for Metasploit ( http://www.fastandeasyhacking.com/ )
armitage-bin : Cyber Attack Management for Metasploit ( http://www.fastandeasyhacking.com/ )
badtouch : Scriptable network authentication cracker ( https://github.com/kpcyrd/badtouch )
bbrecon : Automated reconnaissance and information gathering (fork) ( https://gitlab.com/0bs1d1an/bbrecon )
bettercap : A complete, modular, portable and easily extensible MITM framework ( https://github.com/bettercap/bettercap/ )
bonesi : BoNeSi - the DDoS botnet simulator ( https://github.com/Markus-Go/bonesi )
cameradar : Cameradar hacks its way into RTSP video surveillance cameras ( https://github.com/ullaakut/cameradar )
capanalysis : A web visual tool for information security specialists ( https://www.capanalysis.net https://github.com/xplico/CapAnalysis )
cisco-auditing-tool : Perl script which scans Cisco routers for common vulnerabilities. ( http://www.scrypt.net/~g0ne )
cisco-torch : Cisco mass scanning, fingerprinting, and exploitation tool ( http://www.arhont.com/en/category/resources/tools-utilities/ )
commix : Automated All-in-One OS command injection and exploitation tool ( https://github.com/commixproject/commix )
cottontail : Capture all RabbitMQ messages being sent through a broker ( https://github.com/QKaiser/cottontail )
crackmapexec : A Swiss Army knife for pentesting Windows/Active Directory environments ( https://github.com/byt3bl33d3r/CrackMapExec/releases )
davtest : Tests WebDAV-enabled servers ( https://github.com/cldrn/davtest )
dirb : A Web Content Scanner to look for existing/hidden content ( http://dirb.sourceforge.net/ )
dirble-bin : Fast directory scanning and scraping tool ( https://github.com/nccgroup/dirble )
dirhunt : Dirhunt is a web crawler optimized for searching and analyzing web directories. ( https://github.com/Nekmo/dirhunt )
dirsearch : A simple command line tool designed to brute force dirs and files in websites ( https://github.com/maurosoria/dirsearch )
dnsrecon : DNS Enumeration Script ( https://github.com/darkoperator/dnsrecon )
droopescan : A scanner that helps identify issues in Drupal, SilverStripe, and WordPress ( https://github.com/droope/droopescan )
enteletaor : Message Queue and Broker Injection tool ( https://github.com/cr0hn/enteletaor )
enum4linux : A tool for enumerating information from Windows and Samba systems ( https://labs.portcullis.co.uk/application/enum4linux/ )
evilgrade : A modular framework that takes advantage of poor upgrade implementations by injecting fake updates. ( http://www.infobytesec.com/developments.html )
ffuf : Fast web fuzzer / directory brute force ( https://github.com/ffuf/ffuf )
fierce : A DNS reconnaissance tool for locating non-contiguous IP space ( https://github.com/mschwager/fierce )
findomain : The fastest and cross-platform subdomain enumerator, don't waste your time ( https://github.com/Findomain/Findomain )
geoipgen : Generate a list of hostnames based on country ( https://www.morningstarsecurity.com/research/geoipgen )
gitgraber : Tool to scan for sensitive information within public GitHub repositories ( https://github.com/hisxo/gitGraber )
gitrob : Reconnaissance tool for GitHub organizations ( https://github.com/michenriksen/gitrob https://michenriksen.com/blog/gitrob-now-in-go/ )
go-webanalyze : Port of Wappalyzer in Go to automate scanning ( https://github.com/rverton/webanalyze )
gobuster : A tool to brute-force URIs and DNS subdomains ( https://github.com/OJ/gobuster )
honeypots : 16 different honeypots for monitoring network traffic ( https://github.com/qeeqbox/honeypots )
httprint : HTTP fingerprinter tool ( http://net-square.com/httprint.html )
hyenae : A highly flexible packet generator ( http://sourceforge.net/projects/hyenae/ )
ifchk : A network interface promiscuous mode detection tool ( https://www.noorg.org/ifchk/ )
ike-scan : A utility for finding, fingerprinting and testing IKE VPN servers ( https://github.com/royhills/ike-scan/ )
iposint : Discover the IP address of the target ( https://github.com/j3ssie/IPOsint )
jmsdigger-bin : JMSDigger is an Enterprise Messaging Application assessment tool that focuses on ActiveMQ ( https://github.com/OpenSecurityResearch/jmsdigger )
kismet-analyzer : Library for parsing kismet results from the .kismet database file ( https://pypi.org/project/kismet-analyzer/ )
maketh : Ethernet packet injector and creator ( http://simpp-kode.tuxfamily.org/maketh/index.html )
maryam : OWASP Maryam is a modular open source OSINT and data gathering framework ( https://owasp.org/www-project-maryam/ )
masscan : Mass IP port scanner ( https://github.com/robertdavidgraham/masscan )
massdns : A high-performance DNS stub resolver for bulk lookups and reconnaissance ( https://github.com/blechschmidt/massdns )
medusa : A modular, parallel, multiprotocol, network login auditor ( http://foofus.net/goons/jmk/medusa/medusa.html )
metagoofil : Information gathering tool designed for extracting metadata of public documents ( http://www.edge-security.com/metagoofil.php )
metasploit : Advanced framework for developing, testing, and using vulnerability exploit code ( http://www.metasploit.org/ )
mosref : A secure remote execution framework using a compact Scheme-influenced VM ( https://sourceforge.net/projects/mosref/ )
nbtool : Some tools for NetBIOS and DNS investigation, attacks, and communication ( https://www.skullsecurity.org/wiki/index.php/Nbtool )
ncrack : Ncrack is a high-speed network authentication cracking tool ( https://nmap.org/ncrack/ )
nmap-vulners : NSE script based on Vulners.com API ( https://github.com/vulnersCom/nmap-vulners )
nmap_vulscan : An NSE vulnerability scanner which uses an offline version of scip VulDB ( http://www.computec.ch/projekte/vulscan/ )
ntlmrecon : A tool to enumerate information from NTLM authentication enabled web endpoints ( https://github.com/sachinkamath/NTLMRecon )
onesixtyone : An efficient SNMP scanner ( https://labs.portcullis.co.uk/application/onesixtyone/ )
osmedeus : An offensive security tool for reconnaissance and vulnerability scanning ( https://github.com/j3ssie/Osmedeus )
owtf : The Offensive Web Testing Framework ( https://github.com/owtf/owtf )
padbuster : Automated script for performing Padding Oracle attacks ( http://gdssecurity.com )
plecost : WordPress fingerprinting tool that retrieves information about the plugins and versions installed ( http://www.iniqua.com/labs/plecost/ )
polenum : Extract password policy from a Windows machine ( https://github.com/Wh1t3Fox/polenum )
ppscan : Port scanner with HTTP and FTP tunneling support ( https://packetstormsecurity.com/files/82897/PPScan-Portscanner-0.3.html )
pwncat : Netcat with IDS/IPS evasion, bind reverse shell and port forwarding magic ( https://github.com/cytopia/pwncat )
rdp-sec-check : Remote Desktop Protocol security settings checker ( https://github.com/portcullislabs/rdp-sec-check )
recon-ng : Web Reconnaissance Framework ( https://github.com/lanmaster53/recon-ng )
responder : LLMNR, NBT-NS and MDNS poisoner, HTTP/SMB/MSSQL/FTP/LDAP rogue authentication ( https://github.com/lgandx/Responder )
rpcapd : Remote packet capture daemon ( https://www.winpcap.org/devel.htm )
rshijack : A TCP connection hijacker, Rust rewrite of shijack ( https://github.com/kpcyrd/rshijack )
ruler : A tool to abuse Exchange services ( https://github.com/sensepost/ruler )
rustscan : Faster Nmap Scanning with Rust ( https://github.com/brandonskerritt/RustScan )
s3scanner : Scan for open AWS S3 buckets and dump the contents ( https://github.com/sa7mon/S3Scanner )
scamper : Actively probes the Internet in order to analyze topology and performance ( http://www.caida.org/tools/measurement/scamper/ )
serialusb : A cheap USB proxy for input devices ( https://github.com/matlo/serialusb )
sessionlist : An HTTP packet sniffer ( https://github.com/iamrage/sessionlist )
set : A social engineering framework ( https://www.trustedsec.com/downloads/social-engineer-toolkit/ )
sitadel : Web application security scanner ( https://github.com/shenril/Sitadel )
smbmap : SMBMap is a handy SMB enumeration tool ( https://github.com/ShawnDEvans/smbmap )
sn0int : Semi-automatic OSINT framework and package manager ( https://github.com/kpcyrd/sn0int )
sniffglue : Secure multithreaded packet sniffer ( https://github.com/kpcyrd/sniffglue )
snmpenum : A Perl script to enumerate SNMP table dumper ( http://packetstormsecurity.org )
sqlninja : A SQL Server injection and takeover tool ( https://sqlninja.sourceforge.net/ )
sslyze : Fast and full-featured SSL scanner ( https://github.com/nabla-c0d3/sslyze )
subfinder : A subdomain discovery tool that discovers valid subdomains for websites ( https://github.com/projectdiscovery/subfinder )
subjack : Subdomain Takeover tool written in Go ( https://github.com/haccer/subjack )
sublert : Monitor new subdomains deployed by specific organizations and issued TLS/SSL certificates ( https://github.com/yassineaboukir/sublert )
sublist3r : Enumerate subdomains of websites using OSINT ( https://github.com/aboul3la/Sublist3r )
takeover : Sub-Domain TakeOver Vulnerability Scanner ( https://github.com/m4ll0k/takeover )
termshark : A terminal UI for tshark, inspired by Wireshark ( https://termshark.io/ )
testssl : Tool to check TLS/SSL cipher support ( https://testssl.sh/ )
thc-pptp-bruter : A brute force program that works against PPTP VPN endpoints ( https://www.thc.org )
thc-ssl-dos : THC-SSL-DOS is a tool to verify the performance of SSL servers ( https://github.com/vanhauser-thc )
theHarvester : The Harvester is a tool designed to collect email accounts of the target domain ( http://www.edge-security.com/theharvester.php )
tplmap : Server-Side Template Injection and code injection tool ( https://github.com/epinna/tplmap )
twa : A tiny web auditor with strong opinions ( https://trailofbits.github.io/twa https://github.com/trailofbits/twa )
videojak : VideoJak is an IP Video security assessment tool ( http://videojak.sourceforge.net/ )
voiphopper : VoIP Hopper is a tool that rapidly runs a VLAN Hop into the Voice VLAN ( http://voiphopper.sourceforge.net/ )
wafw00f : Identifies and fingerprints Web Application Firewall (WAF) products ( https://github.com/sandrogauci/wafw00f )
webtech : Identify technologies used on websites ( https://github.com/ShielderSec/webtech )
wfuzz : Wfuzz is a tool designed for bruteforcing Web Applications ( http://www.edge-security.com/wfuzz.php https://github.com/xmendez/wfuzz )
whatweb : Next generation web scanner, identifies what software websites are running ( http://www.morningstarsecurity.com/research/whatweb )
xbruteforcer : Login brute force tool for WordPress, Joomla, Drupal, OpenCart, and Magento. ( https://github.com/Moham3dRiahi/XBruteForcer )
xplico : Extract data from TCP/IP traffic ( http://www.xplico.org )
xsstrike : Advanced XSS detection suite ( https://github.com/s0md3v/XSStrike )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a pentoo
For Paludis use this rsync : rsync://gentoo.zugaina.org/pentoo-portage
If you have a problem : ycarus(-at-)zugaina.org