Pentest Box Tools

List of the tools contained in PentestBox

Note: Below are the only tools which are installed by default in PentestBox. But you can also install other tools through ToolsManager. To know the list of tools which can be installed through ToolsManager, visit modules.pentestbox.org .

Welcome to the PentestBox Tool List Website!
Here you will find a list of the tools which are inside PentestBox and how to use them.
You can see the list of a particular category using the left sidebar.

Let's say you want to use SQLMap, you can see it's description below on the Web Application Scanner Section and you will find something like given below The console above with sqlmap in it tells that if you need to use SQLmap then sqlmap is the alias for it. If you are not aware about the tool and it's functions then type something like sqlmap -h on console, it will display all the possible functions of that tool, sqlmap in our case.

To keep everything in short, there's only the aliases of a tool below their name.
I hope you will enjoy using PentestBox :)

View our demo video below to know more about usage of PentestBox.

Web Vulnerability Scanners

Web Applications Proxies

CMS Vulnerability Scanners

Web Crawlers

Information Gathering

Exploitation Tools

Password Attacks

Android Security

Reverse Engineering

Stress Testing


Forensic Tools

Wireless Attacks

Text Editors

To make PenetestBox more awesome, I have added Atom and vim as its text editors. After opening Atom it will spilt up the screen with Atom on one side and your terminal on the other side, while vim runs on the same tab. Atom splitting is done to make reporting much more easier by giving access to console and editor on same screen.

Linux Utilities

PentestBox provides nearly all Linux utilities in an Windows Environment. Below are the list of the Linux utilities which are inside PentestBox
antiword, basename, bash, bison, bzip2, cat, chmod, cmp, connect, cp, curl, cut, date, diff, dirname, du, env, expr, false, find, flex, gawk, git, grep, gunzip, gzip, head, id, kill, mkdir, md5sum, ls, ln , mv, openssl, patch, ps, rebase, rm, rmdir, scp, sh, ssh-keygen, touch, tr, true, uname, uniq, unzip, wc, xargs

Also to make PentestBox more awesome we have also included HTTPie, HTTPie is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output. HTTPie can be used for testing, debugging, and generally interacting with HTTP servers.


PentestBox also contains a modified version of Mozilla Firefox with all the security addons pre installed in it. To see all the addons which are pre installed in it, click here

Also, we have included SQLite Browser in it.


All the tools contained in PentestBox belong to their individual developers whose names are mentioned above along their respective tools. All credits to those tools go to their respective developers. All the tools are maintained inside the bin folder, no tool/product has been modified unless specified in the product description above. Tools are directly fetched from the respective Github repositories and/or their product websites. All Copyright Notice, License file, Disclaimer files are maintained in their respective folder if given on their products site/pages.

The developer assumes no liability and is not responsible for any misuse or damage caused by this program. Do not use it for illegal purposes!