Offensive Security for Appsec
Ethical hacking tools and resources for penetration testing and red team operations. Task: AppsecExplore 30 curated tools and resources
RELATED TASKS
PINNED
Promoted • 4 tools
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.
A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.
A Python library for exploiting race conditions in web apps
A tool for generating .NET serialized gadgets for triggering .NET assembly load/execution.
A tool for generating .NET serialized gadgets for triggering .NET assembly load/execution.
Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.
Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.
Stealing Signatures and Making One Invalid Signature at a Time.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A framework for exploiting Android-based devices and applications
A framework for exploiting Android-based devices and applications
A credit card/magstripe spoofer that can emulate any magnetic stripe or credit card wirelessly.
A credit card/magstripe spoofer that can emulate any magnetic stripe or credit card wirelessly.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Phrack Magazine is a digital magazine that focuses on computer security and hacking, featuring articles, interviews, and tutorials on various topics related to computer security.
Phrack Magazine is a digital magazine that focuses on computer security and hacking, featuring articles, interviews, and tutorials on various topics related to computer security.
A black-box obfuscation tool for Android apps with Android App Bundle support.
A black-box obfuscation tool for Android apps with Android App Bundle support.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
A list of useful payloads and bypasses for Web Application Security.
A list of useful payloads and bypasses for Web Application Security.
A set of YARA rules for identifying files containing sensitive information
A set of YARA rules for identifying files containing sensitive information
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
DueDLLigence is an open-source tool for identifying and analyzing DLL hijacking vulnerabilities in Windows applications, providing automated analysis and remediation guidance.
DueDLLigence is an open-source tool for identifying and analyzing DLL hijacking vulnerabilities in Windows applications, providing automated analysis and remediation guidance.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
A PoC tool for generating Excel files with embedded macros without using Excel.
A PoC tool for generating Excel files with embedded macros without using Excel.
Tool for exploiting Sixnet RTUs to gain root level access with little effort.
Tool for exploiting Sixnet RTUs to gain root level access with little effort.