8,922 tools
Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.
Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.
Modular framework for pentesting Modbus protocol with diagnostic and offensive features.
Modular framework for pentesting Modbus protocol with diagnostic and offensive features.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
A proof-of-concept tool that generates Excel BIFF8 files with embedded 4.0 macros programmatically without requiring Microsoft Excel installation.
A proof-of-concept tool that generates Excel BIFF8 files with embedded 4.0 macros programmatically without requiring Microsoft Excel installation.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
TikiTorch is a process injection tool that executes code within the address space of other processes using various injection techniques.
TikiTorch is a process injection tool that executes code within the address space of other processes using various injection techniques.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
Simple script to check a domain's email protections and identify vulnerabilities.
Simple script to check a domain's email protections and identify vulnerabilities.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
SourcePoint generates customizable C2 profiles for Cobalt Strike servers to enhance evasion capabilities against security defenses.
SourcePoint generates customizable C2 profiles for Cobalt Strike servers to enhance evasion capabilities against security defenses.
Adversary emulation framework for testing security measures in network environments.
Adversary emulation framework for testing security measures in network environments.
Skyhook is an HTTP-based file transfer tool that uses obfuscation techniques to evade detection by Intrusion Detection Systems.
Skyhook is an HTTP-based file transfer tool that uses obfuscation techniques to evade detection by Intrusion Detection Systems.
A comprehensive .NET post-exploitation library designed for advanced security testing.
A comprehensive .NET post-exploitation library designed for advanced security testing.
SharpC2 is a C#-based Command and Control framework that provides remote access capabilities for penetration testing and red team operations.
SharpC2 is a C#-based Command and Control framework that provides remote access capabilities for penetration testing and red team operations.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.
A C/C++ tool for remote process injection, supporting x64 and x86 operations, with system call macros generated by SysWhispers script.
A C/C++ tool for remote process injection, supporting x64 and x86 operations, with system call macros generated by SysWhispers script.
RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.
RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.
A dynamic redirect rules generator that creates custom redirect configurations for penetration testing and security assessment scenarios.
A dynamic redirect rules generator that creates custom redirect configurations for penetration testing and security assessment scenarios.
RedGuard is a C2 front flow control tool that helps evade detection by security systems through traffic filtering and redirection capabilities.
RedGuard is a C2 front flow control tool that helps evade detection by security systems through traffic filtering and redirection capabilities.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
PwnAuth is an open-source tool for generating and managing authentication tokens across multiple protocols, designed for penetration testing and red team exercises.
PwnAuth is an open-source tool for generating and managing authentication tokens across multiple protocols, designed for penetration testing and red team exercises.