The Ultimate Directory for Offensive Security

Offensive auditor for MCP servers. Detects RCE, tool poisoning, credential leaks, and SSRF across stdio, HTTP, and SSE transports.

Self-hosted offensive security platform for managing engagements, findings, and delivery. Features on-prem AI reporting and real-time team collaboration.

Premier hardware store for offensive security, providing Flipper Zero, Proxmark, Hak5 tools, SDR equipment, and specialized RFID cloning hardware.

Convert registry exports into NTUSER.MAN hive files to stealthily inject HKCU keys without admin rights, bypassing EDR/AV registry API monitoring.

Unified exposure management platform for automated vulnerability scanning, attack surface monitoring, and cloud security posture management.

NeroSwarm Deception Lab offers free cyber deception tools including honeytoken creation, honeypot script generation, and IP threat reputation checking.

Vulnetic AI is a high-performance hacking agent built for serious penetration testing at a fraction of typical costs.

AI-powered cybersecurity automation platform with 150+ tools and autonomous AI agents for pentesting, vulnerability discovery, and bug bounty automation.

Guided Hacking is the #1 source for learning game hacking since 2011 producing high quality educational content on game hacking & reverse engineering.

BloodHound CE maps attack paths in Active Directory, Entra ID, and Azure, using graph theory to reveal hidden relationships and vulnerabilities.

CALDERA is an automated adversary emulation system that leverages the MITRE ATT&CK framework to assess security posture and detect gaps.

Evilginx Pro is a phishing framework designed for red teams, enabling advanced phishing attacks with features like session hijacking and credential harvesting.