Offensive Security
273 tools and resources
FEATURED
Feature Your Cybersecurity Product
Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Boost Your VisibilityNEW
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.
Generates randomized C2 profiles for Cobalt Strike to evade detection.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.
A powerful tool for extracting passwords and performing various Windows security operations.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
A standard for conducting penetration tests, covering seven main sections from planning to reporting.
Abusing SCF files to gather user hashes from an unauthenticated writable Windows-based file share.
Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.
A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
An open-source intelligence collection, research, and artifact management tool inspired by SpiderFoot, Harpoon, and DataSploit.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
An open source network penetration testing framework with automatic recon and scanning capabilities.
A reminder that technology alone is not enough to stay secure against social engineering tactics.
Cyber security platform for automating adversary emulation, red-team assistance, and incident response, built on the MITRE ATT&CK™ framework.