My pentesting setup
My setup
My setup is fairly simple. I use a number of tools and plugins for testing. I've tried to include free alternatives to BURP Suite Professional throughout the guide where possible.
For the operating system, I recommend Kali for beginners. Those that are purely focused on web app pentesting might want to consider other options or simply installing your tools on your preferred OS.
Debian
i3
BURP Suite Professional
Plugins: Autorize, Coverter, Copy as Python Requests
Visual Studio Code
Plugins: Prettier, Intellisense
Obsidian (syncs to a private github repo)
I'm slowly migrating to Joplin
Postman
Firefox
FoxyProxy
Cookie Editor
Containers
Mozilla VPN
FFUF
I'm slowly migrating to Feroxbuster
cURL
Docker
Docker-compose
SQLMap
Python3
Pyenv
Last updated