Penetration Testing
Explore 246 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A web-based payload repository that generates and encodes ready-to-use exploits for SQL injection, XSS, file inclusion, and command injection vulnerabilities.
A web-based payload repository that generates and encodes ready-to-use exploits for SQL injection, XSS, file inclusion, and command injection vulnerabilities.
CAI is an open-source framework that enables security professionals to build and deploy AI-powered agents for automated offensive and defensive cybersecurity operations.
CAI is an open-source framework that enables security professionals to build and deploy AI-powered agents for automated offensive and defensive cybersecurity operations.
NetSPI Breach and Attack Simulation as a Service validates security control effectiveness through expert-led attack simulations mapped to the MITRE ATT&CK framework.
NetSPI Breach and Attack Simulation as a Service validates security control effectiveness through expert-led attack simulations mapped to the MITRE ATT&CK framework.
ZeroThreat is a cloud-based DAST platform that provides automated penetration testing and vulnerability detection for web applications and APIs with AI-driven remediation guidance.
ZeroThreat is a cloud-based DAST platform that provides automated penetration testing and vulnerability detection for web applications and APIs with AI-driven remediation guidance.
A comprehensive Continuous Threat Exposure Management platform that combines AI-driven vulnerability assessment, penetration testing, and attack surface management to help organizations discover, prioritize, and remediate security vulnerabilities.
A comprehensive Continuous Threat Exposure Management platform that combines AI-driven vulnerability assessment, penetration testing, and attack surface management to help organizations discover, prioritize, and remediate security vulnerabilities.
A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.
A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.
A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.
A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
PlexTrac is a centralized platform for penetration test reporting and threat exposure management that helps security teams streamline assessment workflows, prioritize remediation, and track security posture improvements.
PlexTrac is a centralized platform for penetration test reporting and threat exposure management that helps security teams streamline assessment workflows, prioritize remediation, and track security posture improvements.
Strobes Security Consulting Services provides an integrated cybersecurity platform that combines attack surface management, penetration testing, vulnerability management, and application security with expert consulting services.
Strobes Security Consulting Services provides an integrated cybersecurity platform that combines attack surface management, penetration testing, vulnerability management, and application security with expert consulting services.
A comprehensive application security platform combining specialized services and software tools to help organizations manage vulnerabilities throughout the software development lifecycle.
A comprehensive application security platform combining specialized services and software tools to help organizations manage vulnerabilities throughout the software development lifecycle.
A pentest management platform that automates reporting workflows, provides client collaboration tools, and streamlines the entire penetration testing lifecycle from scoping to remediation.
A pentest management platform that automates reporting workflows, provides client collaboration tools, and streamlines the entire penetration testing lifecycle from scoping to remediation.
ImmuniWeb® On-Demand is a web application penetration testing platform that combines AI-powered automation with manual security testing to provide comprehensive vulnerability assessments and compliance reporting.
ImmuniWeb® On-Demand is a web application penetration testing platform that combines AI-powered automation with manual security testing to provide comprehensive vulnerability assessments and compliance reporting.
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
An automated security testing platform that performs AI-driven penetration testing and vulnerability assessment for web applications and APIs with compliance reporting capabilities.
An automated security testing platform that performs AI-driven penetration testing and vulnerability assessment for web applications and APIs with compliance reporting capabilities.
A threat exposure management platform that unifies security operations by discovering assets, prioritizing vulnerabilities based on risk, and providing guided remediation across an organization's attack surface.
A threat exposure management platform that unifies security operations by discovering assets, prioritizing vulnerabilities based on risk, and providing guided remediation across an organization's attack surface.
Outpost24 Managed Security Services offers proactive security monitoring and management across networks, endpoints, applications, and clouds through a comprehensive CTEM platform with expert-led validation and unified risk visibility.
Outpost24 Managed Security Services offers proactive security monitoring and management across networks, endpoints, applications, and clouds through a comprehensive CTEM platform with expert-led validation and unified risk visibility.
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.
An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
XBOW is an AI-driven tool that autonomously discovers and exploits web application vulnerabilities, aiming to match the capabilities of experienced human pentesters.
XBOW is an AI-driven tool that autonomously discovers and exploits web application vulnerabilities, aiming to match the capabilities of experienced human pentesters.
A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.
A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
A compilation of Red Teaming resources including cheatsheets, notes, scripts, and practice platforms for cybersecurity learning and skill development.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
A lightweight and portable Docker container for penetration testers and CTF players
A lightweight and portable Docker container for penetration testers and CTF players
A penetration testing framework for identifying and exploiting vulnerabilities.
A penetration testing framework for identifying and exploiting vulnerabilities.
A powerful directory/file, DNS and VHost busting tool written in Go.
A fast and simple recursive content discovery tool
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A simple snippet to increment ../ on the URL.
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
Automate the exploitation of XXE vulnerabilities
A tool for enumerating subdomains of a given domain
Fast passive subdomain enumeration tool
A list of services and how to claim (sub)domains with dangling DNS records.
A list of services and how to claim (sub)domains with dangling DNS records.
A Python library for automating time-based blind SQL injection attacks
A Python-based web application scanner for OSINT and fuzzing OWASP vulnerabilities
A Python-based web application scanner for OSINT and fuzzing OWASP vulnerabilities
Automatic tool for DNS rebinding-based SSRF attacks
LinksDumper extracts links and potential endpoints from HTTP responses with filtering capabilities for web application security testing.
LinksDumper extracts links and potential endpoints from HTTP responses with filtering capabilities for web application security testing.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
A tool for detecting and taking over subdomains with dead DNS records
A tool for detecting and taking over subdomains with dead DNS records
A fast domain resolver and subdomain bruteforcing tool
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A front-end JavaScript toolkit for creating DNS rebinding attacks
A front-end JavaScript toolkit for creating DNS rebinding attacks
A list of vulnerable applications for testing and learning
A list of vulnerable applications for testing and learning
A tool that recovers passwords from pixelized screenshots
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
HTTP parameter discovery suite
A Burp extension to detect alias traversal via NGINX misconfiguration at scale.
A Burp extension to detect alias traversal via NGINX misconfiguration at scale.
A bash script for scanning a target network for HTTP resources through XXE
A bash script for scanning a target network for HTTP resources through XXE
Command line tool for testing CRLF injection on a list of domains.
Command line tool for testing CRLF injection on a list of domains.
A security tool to identify interesting files in AWS S3 buckets
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
A framework for testing and exploiting race conditions in software
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A tool to dump a Git repository from a website
A collection of scripts for Turbo Intruder, a penetration testing tool
A collection of scripts for Turbo Intruder, a penetration testing tool
A DNS rebinding attack framework for security researchers and penetration testers.
A DNS rebinding attack framework for security researchers and penetration testers.
SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through an interactive testing interface.
SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through an interactive testing interface.
A tool to discover new target domains using Content Security Policy
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
A tool for scanning and identifying potential security risks in GitHub organizations, users, and repositories.
A tool for scanning and identifying potential security risks in GitHub organizations, users, and repositories.
A subdomain enumeration tool for penetration testers and security researchers.
A subdomain enumeration tool for penetration testers and security researchers.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
A tool that finds more information about a given URL or domain by querying multiple data sources.
A tool that finds more information about a given URL or domain by querying multiple data sources.
Deliberately vulnerable web application for security professionals to practice attack techniques.
Deliberately vulnerable web application for security professionals to practice attack techniques.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A tool for enumerating and attacking GitHub Actions pipelines
A fuzzer for detecting open redirect vulnerabilities
Open-source Java application for creating proxies for traffic analysis & modification.
Open-source Java application for creating proxies for traffic analysis & modification.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
A honeypot that emulates a Belkin N300 Home Wireless router with default setup to observe traffic
A honeypot that emulates a Belkin N300 Home Wireless router with default setup to observe traffic
A simple, fast web crawler for discovering endpoints and assets in a web application
A simple, fast web crawler for discovering endpoints and assets in a web application
Blacknet is a low interaction SSH multi-head honeypot system with logging capabilities.
A high-interaction honeypot solution for detecting and analyzing SMB-based attacks
An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.
An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.
Technique used to forward one URL to another.
A deliberately insecure web application for teaching web application security lessons maintained by OWASP.
IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.
A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.
A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
A framework for exploiting Android-based devices and applications
A framework for exploiting Android-based devices and applications
A vulnerable Android application demonstrating various security issues and vulnerabilities
A vulnerable Android application demonstrating various security issues and vulnerabilities
A utility to generate malicious network traffic for security evaluation.
A utility to generate malicious network traffic for security evaluation.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
Korean cyber-security challenge platform for exploiting and defending web application vulnerabilities.
Korean cyber-security challenge platform for exploiting and defending web application vulnerabilities.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
A collection of Microsoft PowerShell modules for penetration testing purposes.
A collection of Microsoft PowerShell modules for penetration testing purposes.
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.
A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.
Authenticated SSRF in Grafana
A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.
A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
A tool for identifying potential security vulnerabilities in web applications
A tool for identifying potential security vulnerabilities in web applications
A free and open source C2 and proxy for penetration testers
A tool for generating permutations, alterations and mutations of subdomains and resolving them
A tool for generating permutations, alterations and mutations of subdomains and resolving them
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
A Live CD and Live USB for penetration testing and security assessment
A Live CD and Live USB for penetration testing and security assessment
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
A series of small test cases designed to exercise different parts of a static security analyzer
A series of small test cases designed to exercise different parts of a static security analyzer
A tool to profile web applications based on response time discrepancies.
A tool to profile web applications based on response time discrepancies.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
An open-source phishing toolkit for businesses and penetration testers.
An open-source phishing toolkit for businesses and penetration testers.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
Adversary emulation framework for testing security measures in network environments.
Adversary emulation framework for testing security measures in network environments.
A wargame that challenges your hacking skills
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
A massive SQL injection vulnerability scanner
SSH honeypot with rich features for recording and analyzing malicious activities.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
Create a vulnerable active directory for testing various Active Directory attacks.
Create a vulnerable active directory for testing various Active Directory attacks.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
A Python-based educational network hacking toolkit that implements various attack techniques including ARP poisoning, DHCP attacks, subdomain enumeration, and web technology identification.
A Python-based educational network hacking toolkit that implements various attack techniques including ARP poisoning, DHCP attacks, subdomain enumeration, and web technology identification.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
A technique for social engineering and untrusted command execution using ClickOnce technology
A technique for social engineering and untrusted command execution using ClickOnce technology
A penetration testing tool that focuses on web browser exploitation
A penetration testing tool that focuses on web browser exploitation
Security cheatsheets to aid penetration testers and security enthusiasts in remembering useful but not frequently used commands.
Security cheatsheets to aid penetration testers and security enthusiasts in remembering useful but not frequently used commands.
A Linux-based environment for penetration testing and vulnerability exploitation
A Linux-based environment for penetration testing and vulnerability exploitation
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
A penetration testing tool for intercepting SSH connections and logging plaintext passwords.
A penetration testing tool for intercepting SSH connections and logging plaintext passwords.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.
Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
A C#-based Command and Control Framework for remote access and control of compromised systems.
A C#-based Command and Control Framework for remote access and control of compromised systems.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A Python script for creating a cohesive and up-to-date penetration testing framework.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.
A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.
A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.
Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.
KFSensor is an advanced Windows honeypot system for detecting hackers and worms by simulating vulnerable system services.
The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.
The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.
Automates SQL injection detection and exploitation
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
iOS application for testing iOS penetration testing skills in a legal environment.
iOS application for testing iOS penetration testing skills in a legal environment.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
A simple Docker-based honeypot to detect port scanning
A standard for conducting penetration tests, covering seven main sections from planning to reporting.
A standard for conducting penetration tests, covering seven main sections from planning to reporting.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.
INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
Hands-on cybersecurity training and testing platform with 1800+ labs
Hands-on cybersecurity training and testing platform with 1800+ labs
An open source network penetration testing framework with automatic recon and scanning capabilities.
An open source network penetration testing framework with automatic recon and scanning capabilities.
A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.
A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
A comprehensive and immersive 13-week course by NYU Tandon's OSIRIS Lab introducing students to offensive security with practical applications and research projects.
A comprehensive and immersive 13-week course by NYU Tandon's OSIRIS Lab introducing students to offensive security with practical applications and research projects.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
A comprehensive .NET post-exploitation library designed for advanced security testing.
A comprehensive .NET post-exploitation library designed for advanced security testing.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
Smart traffic sniffing tool for penetration testers
A deliberately vulnerable modern day app with lots of DOM related bugs
A deliberately vulnerable modern day app with lots of DOM related bugs
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A VMware image for penetration testing purposes
A VMware image for penetration testing purposes
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
Open source security auditing tool to search and dump system configuration.
Open source security auditing tool to search and dump system configuration.
An open-source framework for testing and validating the security of AWS services and resources.
An open-source framework for testing and validating the security of AWS services and resources.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A ruby script that scans for vulnerable 3rd-party web applications
A ruby script that scans for vulnerable 3rd-party web applications
Ansible role for deploying and managing Bifrozt honeypots
Fake SSH server that sends push notifications for login attempts
Fake SSH server that sends push notifications for login attempts
A PowerShell toolkit for attacking Azure environments
Open source web application security scanner with 200+ vulnerability identification capabilities.
Open source web application security scanner with 200+ vulnerability identification capabilities.
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
An open-source penetration testing framework for social engineering with custom attack vectors.
An open-source penetration testing framework for social engineering with custom attack vectors.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
A comprehensive reference guide to Nmap's scripting engine and its various options, scripts, and target specifications.
A comprehensive reference guide to Nmap's scripting engine and its various options, scripts, and target specifications.
A powerful interactive packet manipulation program and library for network exploration and security testing.
A powerful interactive packet manipulation program and library for network exploration and security testing.
Linux-based operating system intentionally vulnerable for cybersecurity practice.
Linux-based operating system intentionally vulnerable for cybersecurity practice.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
A honeypot mimicking Tomcat manager endpoints to log requests and save attacker's WAR files for analysis.
A honeypot mimicking Tomcat manager endpoints to log requests and save attacker's WAR files for analysis.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
A wargaming network for penetration testers to practice their skills in a realistic environment.
A wargaming network for penetration testers to practice their skills in a realistic environment.
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
Sublist3r is a python tool for enumerating subdomains using OSINT and various search engines.
Sublist3r is a python tool for enumerating subdomains using OSINT and various search engines.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A popular free security tool for automatically finding security vulnerabilities in web applications
A popular free security tool for automatically finding security vulnerabilities in web applications
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
A collection of resources for practicing penetration testing
A collection of resources for practicing penetration testing
A cheat sheet providing examples of creating reverse shells for penetration testing.
A cheat sheet providing examples of creating reverse shells for penetration testing.
Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.
Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.
A tool for testing Cross Site Scripting vulnerabilities
Simple script to check a domain's email protections and identify vulnerabilities.
Simple script to check a domain's email protections and identify vulnerabilities.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.
A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.
A docker container with multiple vulnerable applications for cybersecurity training.
A docker container with multiple vulnerable applications for cybersecurity training.
Sysreptor offers a customizable reporting solution for penetration testers and red teamers to streamline their security assessments.
Sysreptor offers a customizable reporting solution for penetration testers and red teamers to streamline their security assessments.
A red team planning framework document that guides exercise preparation with emphasis on blue team value, stakeholder engagement, and avoiding negative motivational approaches.
A red team planning framework document that guides exercise preparation with emphasis on blue team value, stakeholder engagement, and avoiding negative motivational approaches.
A tool for automated security scanning of web applications and manual penetration testing.
A tool for automated security scanning of web applications and manual penetration testing.
An open-source security tool that simulates network breaches by self-propagating across data centers to test organizational resilience against lateral movement attacks.
An open-source security tool that simulates network breaches by self-propagating across data centers to test organizational resilience against lateral movement attacks.
Tool for attacking Active Directory environments through SQL Server access.
Tool for attacking Active Directory environments through SQL Server access.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
Cybrary is an online learning platform that provides accessible and affordable training in cybersecurity skills.
Cybrary is an online learning platform that provides accessible and affordable training in cybersecurity skills.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
An intentionally insecure Android app designed to teach developers and security professionals about common app vulnerabilities.
An intentionally insecure Android app designed to teach developers and security professionals about common app vulnerabilities.
A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.
A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.
A script to detect and remove Canary Tokens with simple signature-based detections.
A script to detect and remove Canary Tokens with simple signature-based detections.
Automate the search for Exploits and Vulnerabilities in important databases.
Automate the search for Exploits and Vulnerabilities in important databases.
Vulnerable web application for beginners in penetration testing.
Vulnerable web application for beginners in penetration testing.
