Offensive Security
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
Browse 458 offensive security tools
FEATURED
RELATED TASKS
A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.
A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.
A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.
A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.
SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
A VMware image for penetration testing purposes
A VMware image for penetration testing purposes
A payload creation framework for generating and executing C# code payloads with anti-evasion capabilities for offensive security operations.
A payload creation framework for generating and executing C# code payloads with anti-evasion capabilities for offensive security operations.
Abusing DNSAdmins privilege for escalation in Active Directory
Abusing DNSAdmins privilege for escalation in Active Directory
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
Altoro Mutual offers online banking, real estate financing, business credit cards, retirement solutions, and prioritizes privacy and security.
Altoro Mutual offers online banking, real estate financing, business credit cards, retirement solutions, and prioritizes privacy and security.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
A next generation version of enum4linux with enhanced features for enumerating information from Windows and Samba systems.
A next generation version of enum4linux with enhanced features for enumerating information from Windows and Samba systems.
Pupy is an open-source, cross-platform C2 framework that provides remote access and control capabilities for compromised systems across Windows, Linux, OSX, and Android platforms.
Pupy is an open-source, cross-platform C2 framework that provides remote access and control capabilities for compromised systems across Windows, Linux, OSX, and Android platforms.
A collection of setup scripts for various security research tools with installers for tools like afl, angr, barf, and more.
A collection of setup scripts for various security research tools with installers for tools like afl, angr, barf, and more.
A Python script that converts shellcode into a PE32 or PE32+ file.
Online Telegram bot for collecting information on individuals from various websites.
Online Telegram bot for collecting information on individuals from various websites.
An open-source penetration testing framework for social engineering with custom attack vectors.
An open-source penetration testing framework for social engineering with custom attack vectors.
A collection of tips and tricks for container and container orchestration hacking and security testing.
A collection of tips and tricks for container and container orchestration hacking and security testing.
A comprehensive collection of resources for learning ARM assembly language and shellcode development.
A comprehensive collection of resources for learning ARM assembly language and shellcode development.
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
Offensive Security Tools - FAQ
Common questions about Offensive Security tools including selection guides, pricing, and comparisons.
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
