Offensive Security
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
Explore 457 curated cybersecurity tools, with 15,161 visitors searching for solutions
FEATURED
RELATED TASKS
Offensive security services with penetration testing and vulnerability assessments
Offensive security services with penetration testing and vulnerability assessments
Red teaming service simulating real-world adversary attacks on organizations.
Red teaming service simulating real-world adversary attacks on organizations.
Red team service simulating nation-state threats to test defenses.
Red team service simulating nation-state threats to test defenses.
Ransomware attack simulation service to test security defenses and response
Ransomware attack simulation service to test security defenses and response
Subscription-based continuous red team testing across digital, physical & social
Subscription-based continuous red team testing across digital, physical & social
Red teaming service that emulates real-world adversaries to test defenses
Red teaming service that emulates real-world adversaries to test defenses
Threat emulation tool for adversary simulations and red team operations
Threat emulation tool for adversary simulations and red team operations
MCP server enabling AI agents to autonomously run 150+ security tools
MCP server enabling AI agents to autonomously run 150+ security tools
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
AI agent that autonomously discovers, exploits, and documents vulnerabilities.
AI agent that autonomously discovers, exploits, and documents vulnerabilities.
A proof-of-concept Node.js tool that demonstrates automated MFA bypass techniques for Microsoft Outlook accounts using browser automation.
A proof-of-concept Node.js tool that demonstrates automated MFA bypass techniques for Microsoft Outlook accounts using browser automation.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
A comprehensive repository of red teaming resources including cheatsheets, detailed notes, automation scripts, and practice platforms covering multiple cybersecurity domains.
A comprehensive repository of red teaming resources including cheatsheets, detailed notes, automation scripts, and practice platforms covering multiple cybersecurity domains.
A Docker-based penetration testing toolkit that provides a portable environment with GUI support and pre-installed security tools for web application testing and CTF activities.
A Docker-based penetration testing toolkit that provides a portable environment with GUI support and pre-installed security tools for web application testing and CTF activities.
Fetches known URLs from various sources for a given domain
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
Find exploits in local and online databases instantly
A collection of XSS payloads designed to turn alert(1) into P1
A collection of XSS payloads designed to turn alert(1) into P1
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
Offensive Security Tools - FAQ
Common questions about Offensive Security tools including selection guides, pricing, and comparisons.
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
