Penetration Testing
Explore 217 curated tools and resources
LATEST ADDITIONS
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
XBOW is an AI-driven tool that autonomously discovers and exploits web application vulnerabilities, aiming to match the capabilities of experienced human pentesters.
A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
A compilation of Red Teaming resources including cheatsheets, notes, scripts, and practice platforms for cybersecurity learning and skill development.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
A lightweight and portable Docker container for penetration testers and CTF players
A penetration testing framework for identifying and exploiting vulnerabilities.
A powerful directory/file, DNS and VHost busting tool written in Go.
A fast and simple recursive content discovery tool
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A simple snippet to increment ../ on the URL.
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
Automate the exploitation of XXE vulnerabilities
A tool for enumerating subdomains of a given domain
Fast passive subdomain enumeration tool
A list of services and how to claim (sub)domains with dangling DNS records.
A Python library for automating time-based blind SQL injection attacks
A Python-based web application scanner for OSINT and fuzzing OWASP vulnerabilities
Automatic tool for DNS rebinding-based SSRF attacks
An open-source Python CMS scanner that automates the detection of security flaws in the most popular CMSs.
A tool for detecting and taking over subdomains with dead DNS records
A fast domain resolver and subdomain bruteforcing tool
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A smart SSRF scanner using different methods like parameter brute forcing in POST and GET requests.
A front-end JavaScript toolkit for creating DNS rebinding attacks
A list of vulnerable applications for testing and learning
A tool that recovers passwords from pixelized screenshots
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A Burp extension to detect alias traversal via NGINX misconfiguration at scale.
A bash script for scanning a target network for HTTP resources through XXE
Command line tool for testing CRLF injection on a list of domains.
A security tool to identify interesting files in AWS S3 buckets
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
A framework for testing and exploiting race conditions in software
A collection of scripts for Turbo Intruder, a penetration testing tool
A DNS rebinding attack framework for security researchers and penetration testers.
A tool to discover new target domains using Content Security Policy
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
A tool for scanning and identifying potential security risks in GitHub organizations, users, and repositories.
A subdomain enumeration tool for penetration testers and security researchers.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
A tool that finds more information about a given URL or domain by querying multiple data sources.
Deliberately vulnerable web application for security professionals to practice attack techniques.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A tool for enumerating and attacking GitHub Actions pipelines
A fuzzer for detecting open redirect vulnerabilities
Open-source Java application for creating proxies for traffic analysis & modification.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
A honeypot that emulates a Belkin N300 Home Wireless router with default setup to observe traffic
A simple, fast web crawler for discovering endpoints and assets in a web application
An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.
Technique used to forward one URL to another.
A deliberately insecure web application for teaching web application security lessons maintained by OWASP.
IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.
A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
A framework for exploiting Android-based devices and applications
A vulnerable Android application demonstrating various security issues and vulnerabilities
A utility to generate malicious network traffic for security evaluation.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
Korean cyber-security challenge platform for exploiting and defending web application vulnerabilities.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
A collection of Microsoft PowerShell modules for penetration testing purposes.
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.
A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
A tool for identifying potential security vulnerabilities in web applications
A free and open source C2 and proxy for penetration testers
A tool for generating permutations, alterations and mutations of subdomains and resolving them
A lightweight, first-stage C2 implant written in Nim for remote access and control.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
A Live CD and Live USB for penetration testing and security assessment
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatic access to load, decrypt, and execute shellcode.
A series of small test cases designed to exercise different parts of a static security analyzer
A tool to profile web applications based on response time discrepancies.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
An open-source phishing toolkit for businesses and penetration testers.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
Adversary emulation framework for testing security measures in network environments.
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
A massive SQL injection vulnerability scanner
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
Create a vulnerable active directory for testing various Active Directory attacks.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
A technique for social engineering and untrusted command execution using ClickOnce technology
A penetration testing tool that focuses on web browser exploitation
Security cheatsheets to aid penetration testers and security enthusiasts in remembering useful but not frequently used commands.
A Linux-based environment for penetration testing and vulnerability exploitation
Cloud Security Suite (cs-suite), version 3.0, for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
A penetration testing tool for intercepting SSH connections and logging plaintext passwords.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
A C#-based Command and Control Framework for remote access and control of compromised systems.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.
The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.
Automates SQL injection detection and exploitation
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
iOS application for testing iOS penetration testing skills in a legal environment.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
A simple Docker-based honeypot to detect port scanning
A standard for conducting penetration tests, covering seven main sections from planning to reporting.
INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
Hands-on cybersecurity training and testing platform with 1800+ labs
An open source network penetration testing framework with automatic recon and scanning capabilities.
A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
A comprehensive and immersive 13-week course by NYU Tandon's OSIRIS Lab introducing students to offensive security with practical applications and research projects.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
A comprehensive .NET post-exploitation library designed for advanced security testing.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
Smart traffic sniffing tool for penetration testers
A deliberately vulnerable modern day app with lots of DOM related bugs
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A VMware image for penetration testing purposes
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
Open source security auditing tool to search and dump system configuration.
An open-source framework for testing and validating the security of AWS services and resources.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A Ruby script that scans for vulnerable 3rd-party web applications
Ansible role for deploying and managing Bifrozt honeypots
Fake SSH server that sends push notifications for login attempts
A PowerShell toolkit for attacking Azure environments
Open source web application security scanner with 200+ vulnerability identification capabilities.
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
An open-source penetration testing framework for social engineering with custom attack vectors.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
A comprehensive reference guide to Nmap's scripting engine and its various options, scripts, and target specifications.
A powerful interactive packet manipulation program and library for network exploration and security testing.
Linux-based operating system intentionally vulnerable for cybersecurity practice.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
A honeypot mimicking Tomcat manager endpoints to log requests and save attacker's WAR files for analysis.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
A Docker container that starts an SSH honeypot and reports statistics to the SANS ISC DShield project
A wargaming network for penetration testers to practice their skills in a realistic environment.
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
Sublist3r is a Python tool for enumerating subdomains using OSINT and various search engines.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.