Offensive Security
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
Browse 468 offensive security tools
FEATURED
RELATED TASKS
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A tool for testing subdomain takeover possibilities at a mass scale.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
A brute force parameter discovery tool for identifying hidden GET and POST parameters in web applications during security assessments.
A brute force parameter discovery tool for identifying hidden GET and POST parameters in web applications during security assessments.
A tool to bypass Content Security Policy (CSP) restrictions
A fast and multi-purpose DNS toolkit for DNS reconnaissance and testing
A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.
A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.
A command-line tool that replaces all query string parameter values in URLs with a user-supplied value for security testing purposes.
A command-line tool that replaces all query string parameter values in URLs with a user-supplied value for security testing purposes.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
A command-line tool for parsing, creating, and manipulating JWT tokens
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A command-line tool for capturing automated screenshots of websites and mobile applications with support for multiple browsers and device emulations.
A command-line tool for capturing automated screenshots of websites and mobile applications with support for multiple browsers and device emulations.
A DNS rebinding attack framework for security researchers and penetration testers.
A DNS rebinding attack framework for security researchers and penetration testers.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A Python library that simplifies testing and exploiting race conditions in web applications using concurrent HTTP requests.
A Python library that simplifies testing and exploiting race conditions in web applications using concurrent HTTP requests.
Offensive Security Tools - FAQ
Common questions about Offensive Security tools including selection guides, pricing, and comparisons.
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
