Offensive Security

Ethical hacking tools and resources for penetration testing and red team operations.Explore 277 curated tools and resources

Search tools and resources by name, description, or purpose... (⌘+K)

All

Free

Commercial

Task

RELATED TASKS

ai (1)analytics (1)anti-forensics (1)antivirus (1)apache (3)api-metadata (1)api-security (2)apktool (1)app-security (1)apparmor (6)

PINNED

PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
2
Commercial
Offensive Security
Ai
Penetration Testing
Automation
Security Testing
Exploitation
Reconnaissance
Reporting
Security Assessment
Offensive Security
Vulnerability Exploitation
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
2
Commercial
Offensive Security
Ai
Penetration Testing
Automation
+7
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
0
Commercial
Threat Management
Threat Intelligence
Detection Rules
Siem
Security Operations
Cti
Threat Detection
Security Monitoring
Rule Management
Threat Hunting
Security Information And Event Management
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
0
Commercial
Threat Management
Threat Intelligence
Detection Rules
Siem
+7
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
3
Commercial
Digital Forensics
Osint
Information Security
Security Tools
Data Breach
Reconnaissance
Security Research
Threat Intelligence
Red Team
Blue Team
Vulnerability Assessment
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
3
Commercial
Digital Forensics
Osint
Information Security
Security Tools
+7
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
Dark Web Monitoring
Cloud Security
Vulnerability Management
Compliance
Third Party Risk
Threat Intelligence
Security Monitoring
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
+7
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Software Supply Chain
Open Source
Sbom
Security Scanning
Devsecops
Vulnerability Detection
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+6
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
-1
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
Compliance
Container Security
Cloud Compliance
Api Security
Kubernetes Security
Security Monitoring
Security Automation
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
-1
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
+7

LATEST ADDITIONS

Gospider
Fast web spider written in Go
0
Free
Offensive Security
Crawler
Go
Web Scraping
Data Mining
Gospider
Fast web spider written in Go
0
Free
Offensive Security
Crawler
Go
Web Scraping
+1
Burp-LFI-tests
A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.
0
Free
Offensive Security
Appsec
Appsec Testing
Burp Suite
Fuzzing
Lfi
Local File Inclusion
Burp-LFI-tests
A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.
0
Free
Offensive Security
Appsec
Appsec Testing
Burp Suite
+3
thc-hydra
A login cracker that can be used to crack many types of authentication protocols.
0
Free
Offensive Security
Password Cracking
thc-hydra
A login cracker that can be used to crack many types of authentication protocols.
0
Free
Offensive Security
Password Cracking
httprebind
Automatic tool for DNS rebinding-based SSRF attacks
0
Free
Offensive Security
Dns Rebinding
Ssrf
Penetration Testing
Security Research
Web Application Security
httprebind
Automatic tool for DNS rebinding-based SSRF attacks
0
Free
Offensive Security
Dns Rebinding
Ssrf
Penetration Testing
+2
cariddi
A tool for security researchers and penetration testers to automate the process of finding sensitive information on a target domain.
0
Free
Offensive Security
Api Metadata
Asset Inventory
Asset Discovery
Secret Detection
cariddi
A tool for security researchers and penetration testers to automate the process of finding sensitive information on a target domain.
0
Free
Offensive Security
Api Metadata
Asset Inventory
Asset Discovery
+1
XSSOauthPersistence
Maintaining account persistence via XSS and Oauth
0
Free
Offensive Security
Xss
XSSOauthPersistence
Maintaining account persistence via XSS and Oauth
0
Free
Offensive Security
Xss
LFISuite
A tool for Local File Inclusion (LFI) exploitation and scanning
0
Free
Offensive Security
Lfi
Scanner
Reverse Shell
Exploit
File Inclusion
LFISuite
A tool for Local File Inclusion (LFI) exploitation and scanning
0
Free
Offensive Security
Lfi
Scanner
Reverse Shell
+2
tko-subs
A tool for detecting and taking over subdomains with dead DNS records
0
Free
Offensive Security
Dns
Subdomain Takeover
Security Research
Penetration Testing
tko-subs
A tool for detecting and taking over subdomains with dead DNS records
0
Free
Offensive Security
Dns
Subdomain Takeover
Security Research
+1
DNS Rebind Toolkit
A front-end JavaScript toolkit for creating DNS rebinding attacks
0
Free
Offensive Security
Dns
Rebinding
Attack Tool
Penetration Testing
Security Research
DNS Rebind Toolkit
A front-end JavaScript toolkit for creating DNS rebinding attacks
0
Free
Offensive Security
Dns
Rebinding
Attack Tool
+2
SSRFmap
Automatic SSRF fuzzer and exploitation tool
0
Free
Offensive Security
Ssrf
Fuzzer
Exploitation
Penetration Testing
SSRFmap
Automatic SSRF fuzzer and exploitation tool
0
Free
Offensive Security
Ssrf
Fuzzer
Exploitation
+1
vaf
A cross-platform web fuzzer written in Nim
0
Free
Offensive Security
Fuzzing
Protocol Analysis
Security Testing
vaf
A cross-platform web fuzzer written in Nim
0
Free
Offensive Security
Fuzzing
Protocol Analysis
Security Testing
Sudomy
A subdomain enumeration tool for bug hunting and pentesting
0
Free
Offensive Security
Subdomain Enumeration
Bug Hunting
Pentesting
Security Research
Sudomy
A subdomain enumeration tool for bug hunting and pentesting
0
Free
Offensive Security
Subdomain Enumeration
Bug Hunting
Pentesting
+1
SSRF-Sheriff
A simple SSRF-testing sheriff written in Go
0
Free
Offensive Security
Ssrf
Go
Web Security
Vulnerability Scanning
SSRF-Sheriff
A simple SSRF-testing sheriff written in Go
0
Free
Offensive Security
Ssrf
Go
Web Security
+1
Turbo Intruder
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
0
Free
Offensive Security
Burp Suite
Vulnerability Scanning
Http Requests
Penetration Testing
Security Testing
Turbo Intruder
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
0
Free
Offensive Security
Burp Suite
Vulnerability Scanning
Http Requests
+2

Offensive Security

RELATED TASKS

PINNED

PTJunior

PTJunior

CTIChef.com Detection Feeds

CTIChef.com Detection Feeds

OSINTLeak

OSINTLeak

ImmuniWeb® Discovery

ImmuniWeb® Discovery

Checkmarx SCA

Checkmarx SCA

Orca Security

Orca Security

LATEST ADDITIONS

Gospider

Gospider

Burp-LFI-tests

Burp-LFI-tests

thc-hydra

thc-hydra

httprebind

httprebind

cariddi

cariddi

XSSOauthPersistence

XSSOauthPersistence

LFISuite

LFISuite

tko-subs

tko-subs

DNS Rebind Toolkit

DNS Rebind Toolkit

SSRFmap

SSRFmap

vaf

vaf

Sudomy

Sudomy

SSRF-Sheriff

SSRF-Sheriff

Turbo Intruder

Turbo Intruder