Loading...

Popular Free Commercial Categories Tasks Blog

CybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Vulnerability Exploitation

Explore 20 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Tasks
Vulnerability Exploitation

PINNED

Promoted • 6 tools

Commercial

Data Protection

Commercial

Network Security

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
0
Commercial
Offensive Security
Ai
Penetration Testing
Automation
Security Testing
Exploitation
Reconnaissance
Reporting
Security Assessment
Offensive Security
Vulnerability Exploitation
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
0
Commercial
Offensive Security
Ai
Penetration Testing
Automation
+7
Vaya-Ciego-Nen
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Blind Xss
Vulnerability Detection
Vulnerability Exploitation
Security Testing
Web Security
Vaya-Ciego-Nen
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Blind Xss
Vulnerability Detection
+3
xssor2
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Javascript
Security Testing
Vulnerability Exploitation
Web App Security
xssor2
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Javascript
Security Testing
+2
Liffy
A local file inclusion exploitation tool
0
Free
Honeypots
Exploit
Local File Inclusion
Web Application Security
Vulnerability Exploitation
Liffy
A local file inclusion exploitation tool
0
Free
Honeypots
Exploit
Local File Inclusion
Web Application Security
+1
XXEinjector
Automate the exploitation of XXE vulnerabilities
0
Free
Malware Analysis
Xxe
Vulnerability Exploitation
Penetration Testing
Security Research
XXEinjector
Automate the exploitation of XXE vulnerabilities
0
Free
Malware Analysis
Xxe
Vulnerability Exploitation
Penetration Testing
+1
surf
A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.
0
Free
Offensive Security
Ssrf
Cloud Security
Penetration Testing
Vulnerability Exploitation
Offensive Security
Cloud
Exploitation
Pentesting
Security Testing
Vulnerability Assessment
surf
A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.
0
Free
Offensive Security
Ssrf
Cloud Security
Penetration Testing
+7
racepwn
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
0
Free
Offensive Security
Offensive Security
Vulnerability Testing
Exploitation
Timing Attack
Penetration Testing
Security Testing
Framework
Vulnerability Exploitation
Exploit Development
Hacking Tool
racepwn
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
0
Free
Offensive Security
Offensive Security
Vulnerability Testing
Exploitation
+7
LFI-files
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
0
Free
Malware Analysis
Lfi
Bruteforce
File Inclusion
Vulnerability Exploitation
LFI-files
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
0
Free
Malware Analysis
Lfi
Bruteforce
File Inclusion
+1
LFI-Enum
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
0
Free
Digital Forensics
Lfi
Enumeration
File Inclusion
Linux
Local File Inclusion
Vulnerability Exploitation
LFI-Enum
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
0
Free
Digital Forensics
Lfi
Enumeration
File Inclusion
+3
libformatstr.py
A Python library that simplifies format string vulnerability exploitation by providing tools for payload generation, memory manipulation, and automated parameter detection.
0
Free
Offensive Security
Python
Exploitation
Penetration Testing
Offensive Security
Exploit Development
Payload Generation
Rop
Vulnerability Exploitation
libformatstr.py
A Python library that simplifies format string vulnerability exploitation by providing tools for payload generation, memory manipulation, and automated parameter detection.
0
Free
Offensive Security
Python
Exploitation
Penetration Testing
+5
Hash Extender
Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.
0
Free
Offensive Security
Cryptography
Hashing
Penetration Testing
Exploit
Command Line Tool
Hash Cracking
Offensive Security
Vulnerability Exploitation
Cli
Security Tool
Hash Extender
Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.
0
Free
Offensive Security
Cryptography
Hashing
Penetration Testing
+7
Ruler
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
0
Free
Offensive Security
Exchange
Vulnerability Exploitation
Remote Access
Ruler
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
0
Free
Offensive Security
Exchange
Vulnerability Exploitation
Remote Access
GRFICS
GRFICS is a Unity 3D-based framework that provides a virtual industrial control system environment for practicing ICS security attacks and defenses with visual feedback.
0
Free
Specialized Security
Industrial Control Systems
Ics
Scada
Simulation
Educational
Training
Penetration Testing
Network Security
Firewall
Intrusion Detection
Vulnerability Exploitation
GRFICS
GRFICS is a Unity 3D-based framework that provides a virtual industrial control system environment for practicing ICS security attacks and defenses with visual feedback.
0
Free
Specialized Security
Industrial Control Systems
Ics
Scada
+8
AttackerKB
A platform providing an activity feed on exploited vulnerabilities.
0
Free
Threat Management
Vulnerability Assessment
Vulnerability Detection
Vulnerability Exploitation
Cve
Exploit
AttackerKB
A platform providing an activity feed on exploited vulnerabilities.
0
Free
Threat Management
Vulnerability Assessment
Vulnerability Detection
Vulnerability Exploitation
+2
Damn Vulnerable GraphQL Application
A deliberately vulnerable GraphQL application designed for security testing and educational purposes, containing multiple intentional flaws for learning GraphQL attack and defense techniques.
0
Free
Application Security
Graphql
Vulnerable App
Application Security
Educational
Security Testing
Penetration Testing
Vulnerability Exploitation
Training
Appsec
Web Application Security
Damn Vulnerable GraphQL Application
A deliberately vulnerable GraphQL application designed for security testing and educational purposes, containing multiple intentional flaws for learning GraphQL attack and defense techniques.
0
Free
Application Security
Graphql
Vulnerable App
Application Security
+7
Elastichoney
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
0
Free
Honeypots
Honeypot
Elasticsearch
Rce
Vulnerability Exploitation
Security Testing
Elastichoney
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
0
Free
Honeypots
Honeypot
Elasticsearch
Rce
+2
sixnet-tools
Python exploitation tool for gaining root access to Sixnet RTUs in SCADA networks by exploiting application-level vulnerabilities.
0
Free
Offensive Security
Scada
Industrial Control Systems
Ics
Exploitation
Python
Penetration Testing
Offensive Security
Vulnerability Exploitation
Industrial Security
Exploit
sixnet-tools
Python exploitation tool for gaining root access to Sixnet RTUs in SCADA networks by exploiting application-level vulnerabilities.
0
Free
Offensive Security
Scada
Industrial Control Systems
Ics
+7
Web Application Exploits and Defenses
An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.
0
Free
Application Security
Educational
Web Application Security
Xss
Csrf
Application Security
Training
Vulnerability Exploitation
Web Security
Security Training
Web Application Exploits and Defenses
An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.
0
Free
Application Security
Educational
Web Application Security
Xss
+6
Reverse Shell Cheat Sheet
A cheat sheet providing examples of creating reverse shells for penetration testing.
0
Free
Offensive Security
Reverse Shell
Command Execution
Penetration Testing
Vulnerability Exploitation
Reverse Shell Cheat Sheet
A cheat sheet providing examples of creating reverse shells for penetration testing.
0
Free
Offensive Security
Reverse Shell
Command Execution
Penetration Testing
+1
Kerberos Party Tricks
Weaponizing Kerberos protocol flaws for stealthy attacks on domain users.
0
Free
Offensive Security
Kerberos
Vulnerability Exploitation
Enumeration
Brute Force
Kerberos Party Tricks
Weaponizing Kerberos protocol flaws for stealthy attacks on domain users.
0
Free
Offensive Security
Kerberos
Vulnerability Exploitation
Enumeration
+1

1