Virtual machines
Drives
Reconnaissance
Enumeration
Web applications
APIs
Cloud
Static analysis
Disassemblers
Debuggers
Decompilers
Program editing tools
Analysis automation programming
Exploitation tools
Exploit development
Assemblers
Compilers
Steganography
Social engineering
Additional hardware
Network
Wireless
Mobile tools
Data exfiltration
Cryptanalysis
Security information and event management
Threat intelligence
Threat hunting
Vulnerability management
Network traffic analysis
Endpoint detection and response
Digital forensics and incident response
Phishing analysis
Malware analysis
Active defence
Notes on tools used for security testing application programming interfaces (APIs), and experimenting with new tools.
Assess the strength of the security controls in place.
Arjun
wfuzz
Postman’s Collection Runner
Burp intruder