Offensive Security for Penetration Testing
Task: Penetration Testing
Browse 212 security tools
FEATURED
RELATED TASKS
Online platform offering 700+ hands-on web security exercises and training
Online platform offering 700+ hands-on web security exercises and training
Offensive security services with penetration testing and vulnerability assessments
Offensive security services with penetration testing and vulnerability assessments
Red teaming service simulating real-world adversary attacks on organizations.
Red teaming service simulating real-world adversary attacks on organizations.
Red team service simulating nation-state threats to test defenses.
Red team service simulating nation-state threats to test defenses.
Ransomware attack simulation service to test security defenses and response
Ransomware attack simulation service to test security defenses and response
Subscription-based continuous red team testing across digital, physical & social
Subscription-based continuous red team testing across digital, physical & social
Red teaming service that emulates real-world adversaries to test defenses
Red teaming service that emulates real-world adversaries to test defenses
Threat emulation tool for adversary simulations and red team operations
Threat emulation tool for adversary simulations and red team operations
MCP server enabling AI agents to autonomously run 150+ security tools
MCP server enabling AI agents to autonomously run 150+ security tools
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
AI agent that autonomously discovers, exploits, and documents vulnerabilities.
AI agent that autonomously discovers, exploits, and documents vulnerabilities.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
A comprehensive repository of red teaming resources including cheatsheets, detailed notes, automation scripts, and practice platforms covering multiple cybersecurity domains.
A comprehensive repository of red teaming resources including cheatsheets, detailed notes, automation scripts, and practice platforms covering multiple cybersecurity domains.
A Docker-based penetration testing toolkit that provides a portable environment with GUI support and pre-installed security tools for web application testing and CTF activities.
A Docker-based penetration testing toolkit that provides a portable environment with GUI support and pre-installed security tools for web application testing and CTF activities.
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A collection of payloads and methodologies for web pentesting.
A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.
A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.
A list of services and how to claim (sub)domains with dangling DNS records.
A list of services and how to claim (sub)domains with dangling DNS records.
A Python library for automating time-based blind SQL injection attacks