Virtual machines
Drives
Reconnaissance
Enumeration
Web applications
APIs
Cloud
Static analysis
Disassemblers
Debuggers
Decompilers
Program editing tools
Analysis automation programming
Exploitation tools
Exploit development
Assemblers
Compilers
Steganography
Social engineering
Additional hardware
Network
Wireless
Mobile devices
Data exfiltration
Cryptanalysis
Threat analysis
Vulnerability management
Network traffic analysis
Endpoint detection and response
Security information and event management
Digital forensics and incident response
Phishing analysis
Malware analysis
Build a virtual local testlab with tools for web application pentesting.
Labs, challenges, CTFs, application pentesting, teaming.
Setting up Burp Suite (Kali)
Setting up ZAP (Kali)
Using firefox as proxy for Burp and Zap
OAST alternatives
HTTP proxies and traffic analysers
Vulnerability discovery tools
Target recognition
Browser extensions
Create recon scripts