Exploitation
Browse 65 exploitation tools
FEATURED
Automated pentest tool validating web apps against OWASP Top 10 CWEs.
Automated pentest tool validating web apps against OWASP Top 10 CWEs.
Managed pen testing service simulating cyberattacks to find vulnerabilities.
Managed pen testing service simulating cyberattacks to find vulnerabilities.
Manual + automated network pen testing service for compliance & vuln assessment.
Manual + automated network pen testing service for compliance & vuln assessment.
Manual pentest service covering infra, apps, and social engineering.
Manual pentest service covering infra, apps, and social engineering.
CREST-certified wireless network pen testing service with 6-step methodology.
CREST-certified wireless network pen testing service with 6-step methodology.
CREST-certified network & infrastructure pen testing service.
CREST-certified network & infrastructure pen testing service.
PTES-aligned penetration testing service simulating real-world attacks.
PTES-aligned penetration testing service simulating real-world attacks.
Manual penetration testing service to identify and exploit vulnerabilities
Manual penetration testing service to identify and exploit vulnerabilities
Advanced penetration testing methodology for comprehensive security assessments
Advanced penetration testing methodology for comprehensive security assessments
Risk-based vuln mgmt platform using ML to prioritize exploited CVEs
Risk-based vuln mgmt platform using ML to prioritize exploited CVEs
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.
A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.
AI agent that autonomously discovers, exploits, and documents vulnerabilities.
AI agent that autonomously discovers, exploits, and documents vulnerabilities.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.
A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
A collection of customizable automation scripts for Turbo Intruder that facilitate vulnerability scanning, exploitation, and data extraction in penetration testing workflows.
A collection of customizable automation scripts for Turbo Intruder that facilitate vulnerability scanning, exploitation, and data extraction in penetration testing workflows.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
