Offensive Security
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
Explore 455 curated cybersecurity tools, with 16,024+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for offensive security assessments.
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
A technique for social engineering and untrusted command execution using ClickOnce technology
A technique for social engineering and untrusted command execution using ClickOnce technology
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.
AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.
Detect users' operating systems and perform redirection with Apache mod_rewrite.
Detect users' operating systems and perform redirection with Apache mod_rewrite.
BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.
BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
FingerprintX is a standalone utility for service discovery on open ports.
FingerprintX is a standalone utility for service discovery on open ports.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.
Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.
Code injection library for OS X with cross-architecture support.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.
InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.
A tool to leak git repositories from misconfigured websites
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.
Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.
A collection of scripts for debugging SSRF, blind XSS, and XXE vulnerabilities
A collection of scripts for debugging SSRF, blind XSS, and XXE vulnerabilities
PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.
PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
Offensive Security Tools - FAQ
Common questions about Offensive Security tools including selection guides, pricing, and comparisons.
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
