Offensive Security Tools
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
Browse 245 offensive security tools
FEATURED
USE CASES
FourCore ATTACK is an adversary emulation platform to manage cyber risk with evidence
Syntax highlighting for Smali (Dalvik) Assembly language in Vim.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
A VMware image for penetration testing purposes
A powerful interactive packet manipulation program and library for network exploration and security testing.
Firefox browser extension for displaying and editing HTTP headers.
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
Boutique security firm offering red team, OSINT, and adversary simulation services.
AI agent for in-depth binary analysis and reverse engineering assistance.
R&D firm providing cyber defense & operational tech for DoD and DHS.
Offensive security firm offering AI pentesting, credential monitoring & compliance.
AI-assisted vulnerability research and advanced offensive cyber tooling firm.
AI agent platform for automating offensive security operations and evals.
Bundled offensive security suites combining pen testing, red teaming, and VM.
Red team toolkit for EDR evasion, initial access, and post-exploitation.
Post-exploitation threat emulation platform for red team operations.
Automated hardware reversing platform using robotics for embedded device analysis
Whole-system emulation environment for software dev, debugging, testing & security
DNS reconnaissance tool checking DNS records, subdomains, and third-party svcs
Private training course for IoT device pentesting and exploitation
Threat emulation tool for adversary simulations and red team operations
MCP server enabling AI agents to autonomously run 150+ security tools
Offensive Security Tools FAQ
Common questions about Offensive Security tools, selection guides, pricing, and comparisons.
Penetration testing evaluates specific systems or applications for vulnerabilities within a defined scope and timeframe. Red teaming simulates a real adversary with minimal restrictions, attempting to achieve specific objectives (access CEO email, exfiltrate customer data) using any attack vector: technical exploitation, social engineering, and physical access. Red teaming tests your entire security program, not just your technology.
