Offensive Security
security-research

Other Tags in this Category
api-metadataapi-securityapparmorappsecappsec-testingappsec-toolasset-discoveryasset-inventoryattack-toolbug-huntingburp-suitecrawlerctfdata-miningdirectory-traversaldnsdns-rebindingdockerdocker-composeedrendpointexploitexploitationfile-inclusionfuzzerfuzzinggographqlguiincident-responseinteractivejavascriptlfilocal-file-inclusionmetasploitpassword-crackingpayloadspenetration-testingpentestingprotocol-analysisrebindingreverse-shellscannerscanningscriptingsecret-detectionsecurity-researchsecurity-testingshellsiemssrfsubdomain-enumerationsubdomain-takeovervulnerability-managementvulnerability-scanningwebweb-application-securityweb-scanningweb-scrapingweb-securityxss

FEATURED

Feature Your Cybersecurity Product

Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.

Reach out!

NEW

httprebind Logo

httprebind

0 (0)

Automatic tool for DNS rebinding-based SSRF attacks

Offensive Security
Free
dns-rebindingssrfpenetration-testingsecurity-researchweb-application-security
tko-subs Logo

tko-subs

0 (0)

A tool for detecting and taking over subdomains with dead DNS records

Offensive Security
Free
dnssubdomain-takeoversecurity-researchpenetration-testing
DNS Rebind Toolkit Logo

DNS Rebind Toolkit

0 (0)

A front-end JavaScript toolkit for creating DNS rebinding attacks

Offensive Security
Free
dnsrebindingattack-toolpenetration-testingsecurity-research
Sudomy Logo

Sudomy

0 (0)

A subdomain enumeration tool for bug hunting and pentesting

Offensive Security
Free
subdomain-enumerationbug-huntingpentestingsecurity-research
dref Logo

dref

0 (0)

A DNS rebinding exploitation framework

Offensive Security
Free
dnsrebindingexploitationframeworksecurity-researchpenetration-testing
Turbo Intruder Scripts Logo

Turbo Intruder Scripts

0 (0)

A collection of scripts for Turbo Intruder, a penetration testing tool

Offensive Security
Free
penetration-testingsecurity-researchautomationscripting
Singularity Logo

Singularity

0 (0)

A DNS rebinding attack framework for security researchers and penetration testers.

Offensive Security
Free
dns-rebindingpenetration-testingsecurity-researchweb-application-securitynetwork-security
Tugarecon Logo

Tugarecon

0 (0)

A subdomain enumeration tool for penetration testers and security researchers.

Offensive Security
Free
subdomain-enumerationpenetration-testingsecurity-researchsearch-enginedatabaseenumeration
WayMore Logo

WayMore

0 (0)

A tool that finds more information about a given URL or domain by querying multiple data sources.

Offensive Security
Free
url-scanningsubdomain-discoveryip-addresssecurity-researchpenetration-testing
ParamSpider Logo

ParamSpider

0 (0)

A tool for mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Offensive Security
Free
bug-bountybug-huntingfuzzingsecurity-researchweb-application-securityweb-scraping
Gato Logo

Gato

0 (0)

A tool for enumerating and attacking GitHub Actions pipelines

Offensive Security
Free
githubsecurity-researchpenetration-testing
hakrawler Logo

hakrawler

0 (0)

A simple, fast web crawler for discovering endpoints and assets in a web application

Offensive Security
Free
crawlerweb-crawlerweb-securityvulnerability-scanningpenetration-testingsecurity-research
ROP Wargame Repository Logo

ROP Wargame Repository

0 (0)

Collection of Return-Oriented Programming challenges for practicing exploitation skills.

Offensive Security
Free
ropbinary-exploitationexploitationbinary-securitysecurity-research
Macro_Pack Logo

Macro_Pack

0 (0)

Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.

Offensive Security
Free
appsecautomationpentestred-teamsecurity-researchsocial-engineering
AFE Android Framework for Exploitation Logo

AFE Android Framework for Exploitation

0 (0)

A framework for exploiting Android-based devices and applications

Offensive Security
Free
appsecapp-securitypenetration-testingvulnerability-assessmentsecurity-research
Evilginx2 Logo

Evilginx2

0 (0)

A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.

Offensive Security
Free
phishingpenetration-testingsecurity-researchattack-vector
Shadow Workers Logo

Shadow Workers

0 (0)

A free and open source C2 and proxy for penetration testers

Offensive Security
Free
c2proxypenetration-testingxsssecurity-research
Darkarmour Logo

Darkarmour

0 (0)

Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.

Offensive Security
Free
appsecmalwarepenetration-testingsecurity-researchwindows
Dendrobate Logo

Dendrobate

0 (0)

A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.

Offensive Security
Free
dotnetcode-injectionsecurity-research
Domain Hunter Logo

Domain Hunter

0 (0)

A tool that checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names.

Offensive Security
Free
phishingc2security-research
SharpSploit Logo

SharpSploit

0 (0)

A comprehensive .NET post-exploitation library designed for advanced security testing.

Offensive Security
Free
post-exploitationpenetration-testingsecurity-researchcsharpdotnetlibrary