Offensive Security

273 tools and resources

Tags in this Category
analyticsanti-forensicsapacheapparmorappsecappsecurityasset-discoveryattack-platformautomationblue-teambrowser-securitybrute-forcebruteforcec2cobalt-strikecommand-and-controlcontainer-securitycross-platformcsvdnsdockerenumerationexploitexploitation-frameworkfridafuzzingincident-responseinjectionkerberoslateral-movementmalleable-c2metasploitmod_rewritepayloadpayload-generationpayloadspenetration-testingpentestphishingpost-exploitationprivilege-escalationproxyred-teamrfidsecuritysecurity-automationsecurity-configurationsecurity-testingsmtpsqlsshsubdomain-discoverytestingvulnerabilityvulnerability-exploitationweb-app-securityweb-application-securityweb-security

FEATURED

Feature Your Cybersecurity Product

Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.

Boost Your Visibility

NEW

Red Team Planning Document Logo
Red Team Planning Document
0.0

A document that helps inform red team planning by contrasting against the very specific red team style described in Red Teams.

Offensive Security
Free
CrossC2 Logo
CrossC2
0.0

CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.

Offensive Security
Free
c2cross-platformpayload-generationpayloadsred-team
Serving Random Payloads with Apache mod_rewrite Logo
Serving Random Payloads with Apache mod_rewrite
0.0

A tutorial on how to use Apache mod_rewrite to randomly serve payloads in phishing attacks

Offensive Security
Free
phishingpayloadcommand-and-controlapachemod_rewritepentest
The Absurdly Underestimated Dangers of CSV Injection Logo
The Absurdly Underestimated Dangers of CSV Injection
0.0

A blog post discussing the often overlooked dangers of CSV injection in applications.

Offensive Security
Free
csvinjectionvulnerabilitysecurityweb-app-securityappsec
Wfuzz Logo
Wfuzz
0.0

Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.

Offensive Security
Free
appsecbruteforceinjectionweb-application-securityweb-security
Grendel-Scan Logo
Grendel-Scan
0.0

A tool for automated security scanning of web applications and manual penetration testing.

Offensive Security
Free
appsecappsecuritypenetration-testingweb-app-securityweb-security
How to Write Malleable C2 Profiles for Cobalt Strike Logo
How to Write Malleable C2 Profiles for Cobalt Strike
0.0

Learn how to create new Malleable C2 profiles for Cobalt Strike to avoid detection and signatured toolset

Offensive Security
Free
c2cobalt-strikemalleable-c2command-and-control
Dirtyc0w Docker POC Logo
Dirtyc0w Docker POC
0.0

Utilizes dirtyc0w kernel exploit for privilege escalation in a Docker container.

Offensive Security
Free
dockerprivilege-escalationexploitapparmorcontainer-security
Projectdiscovery.io | Chaos Logo
Projectdiscovery.io | Chaos
0.0

A powerful enumeration tool for discovering assets and subdomains.

Offensive Security
Free
dnsasset-discoverysubdomain-discovery
PowerUpSQL Logo
PowerUpSQL
0.0

Tool for attacking Active Directory environments through SQL Server access.

Offensive Security
Free
sqlattack-platformpenetration-testing
Combatting Incident Responders with Apache mod_rewrite Logo
Combatting Incident Responders with Apache mod_rewrite
0.0

Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.

Offensive Security
Free
phishingincident-responseanti-forensics
Redirect.rules Logo
Redirect.rules
0.0

A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.

Offensive Security
Free
appsecapparmorappsecuritysecurity-configurationsecurity-automation
MockSSH Logo
MockSSH
0.0

Emulate operating systems behind SSH servers for testing automation.

Offensive Security
Free
sshtestingautomationsecurity-testing
BeEF Logo
BeEF
0.0

BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.

Offensive Security
Free
penetration-testingweb-application-securitybrowser-securityexploitation-framework
Kerberos Party Tricks Logo
Kerberos Party Tricks
0.0

Weaponizing Kerberos protocol flaws for stealthy attacks on domain users.

Offensive Security
Free
kerberosvulnerability-exploitationenumerationbrute-force
PoshC2 Logo
PoshC2
0.0

A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.

Offensive Security
Free
c2proxypenetration-testingred-teampost-exploitationlateral-movementpayloads
Metasploit Payloads Logo
Metasploit Payloads
0.0

A unified repository for different Metasploit Framework payloads.

Offensive Security
Free
metasploitpayloads
Android greybox fuzzing with AFL++ Frida mode Logo
Android greybox fuzzing with AFL++ Frida mode
0.0

A repository containing material for Android greybox fuzzing with AFL++ Frida mode

Offensive Security
Free
fuzzingfrida
A practical guide to RFID badge copying Logo
A practical guide to RFID badge copying
0.0

A guide to bypassing RFID card reader security mechanisms using specialized hardware

Offensive Security
Free
blue-teamred-teamrfid
Majestic Million Logo
Majestic Million
0.0

Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.

Offensive Security
Free
analytics
Covert Red Team Attack Infrastructure Logo
Covert Red Team Attack Infrastructure
0.0

Back-end component for red team operations with crucial design considerations.

Offensive Security
Free
red-teamsmtp
1112
13