Offensive Security for Python
Ethical hacking tools and resources for penetration testing and red team operations. Task: PythonExplore 21 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.
A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Open source application for retrieving passwords stored on a local computer with support for various software and platforms.
Open source application for retrieving passwords stored on a local computer with support for various software and platforms.
ISF (Industrial Exploitation Framework) - An exploitation framework for industrial systems with various ICS protocol clients and exploit modules.
ISF (Industrial Exploitation Framework) - An exploitation framework for industrial systems with various ICS protocol clients and exploit modules.
RTA provides a framework of scripts for blue teams to test detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
RTA provides a framework of scripts for blue teams to test detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
Pacu is an open-source AWS exploitation framework for offensive security testing against cloud environments.
Pacu is an open-source AWS exploitation framework for offensive security testing against cloud environments.
Modular framework for pentesting Modbus protocol with diagnostic and offensive features.
Modular framework for pentesting Modbus protocol with diagnostic and offensive features.
CTF toolkit for rapid exploit development and prototyping.
A Python-based educational network hacking toolkit that implements various attack techniques including ARP poisoning, DHCP attacks, subdomain enumeration, and web technology identification.
A Python-based educational network hacking toolkit that implements various attack techniques including ARP poisoning, DHCP attacks, subdomain enumeration, and web technology identification.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A Python script for creating a cohesive and up-to-date penetration testing framework.
An open-source intelligence collection, research, and artifact management tool inspired by SpiderFoot, Harpoon, and DataSploit.
An open-source intelligence collection, research, and artifact management tool inspired by SpiderFoot, Harpoon, and DataSploit.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.
Tool for exploiting Sixnet RTUs to gain root level access with little effort.
Tool for exploiting Sixnet RTUs to gain root level access with little effort.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.
Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
A post-exploitation tool for Azure Active Directory and Office 365 environments that manages access tokens and provides interactive access to Microsoft 365 services.
A post-exploitation tool for Azure Active Directory and Office 365 environments that manages access tokens and provides interactive access to Microsoft 365 services.