Penetration Testing
Explore 593 curated cybersecurity tools, with 15,190 visitors searching for solutions
FEATURED
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
An open-source phishing toolkit for businesses and penetration testers.
A utility that attempts to decrypt data from weak RSA public keys and recover private keys using multiple integer factorization algorithms.
A utility that attempts to decrypt data from weak RSA public keys and recover private keys using multiple integer factorization algorithms.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
Adversary emulation framework for testing security measures in network environments.
Adversary emulation framework for testing security measures in network environments.
A command-line tool that analyzes SPF and DMARC records to identify domains vulnerable to email spoofing attacks.
A command-line tool that analyzes SPF and DMARC records to identify domains vulnerable to email spoofing attacks.
A collection of tools that execute programs directly in memory using various delivery methods including URL downloads and netcat connections.
A collection of tools that execute programs directly in memory using various delivery methods including URL downloads and netcat connections.
A COM Command & Control framework that uses JScript to provide fileless remote access capabilities on Windows systems through a modular plugin architecture.
A COM Command & Control framework that uses JScript to provide fileless remote access capabilities on Windows systems through a modular plugin architecture.
A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.
A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.
A collection of CTF writeups from various competitions including picoCTF, GLUG, TUCTF, and HackTheBox challenges, providing detailed solutions and explanations for cybersecurity competition problems.
A collection of CTF writeups from various competitions including picoCTF, GLUG, TUCTF, and HackTheBox challenges, providing detailed solutions and explanations for cybersecurity competition problems.
A Linux exploit suggestion tool that identifies potential privilege escalation vulnerabilities by analyzing kernel versions and matching them against a database of known exploits.
A Linux exploit suggestion tool that identifies potential privilege escalation vulnerabilities by analyzing kernel versions and matching them against a database of known exploits.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
Pwntools is a Python CTF framework and exploit development library that provides tools for rapid prototyping and development of exploits and CTF challenge solutions.
Pwntools is a Python CTF framework and exploit development library that provides tools for rapid prototyping and development of exploits and CTF challenge solutions.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.
Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.
Create a vulnerable active directory for testing various Active Directory attacks.
Create a vulnerable active directory for testing various Active Directory attacks.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.
A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.
