Impacket
Python classes and scripts for low-level Windows network protocols (SMB, MSRPC, Kerberos, LDAP, etc.).
Why it is included
Library behind countless AD lab exercises and defensive detection engineering.
Best for
Controlled directory services testing and protocol research.
Strengths
- Protocol depth
- Example tools
- Research quality
Limitations
- Powerful—strictly for systems you own or are contracted to test
Good alternatives
Custom .NET tooling
Related tools
Security & Privacy
BloodHound
Active Directory attack-path graphing: ingest collectors, map privilege chains, and plan remediations.
Security & Privacy
NetExec
Network post-exploitation Swiss Army knife for SMB/WinRM/LDAP/MSSQL/WMI—successor spirit to CrackMapExec.
Security & Privacy
sqlmap
Automatic SQL injection and database takeover helper with fingerprinting, data exfiltration, and OS-shell paths.
Security & Privacy
evil-winrm
Ruby WinRM shell for pentesting: remote commands, file upload, Pass-the-Hash, and menu helpers.
Security & Privacy
Responder
LLMNR/NBT-NS/mDNS poisoner and rogue server suite for credential capture in internal test networks.
Security & Privacy
wifite2
Python wrapper automating Aircrack/Reaver/Bully flows for WEP/WPA wireless audits.