The Ultimate Directory for Offensive Security

A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to evade signature-based detection.

JWT Debugger is a web application to create, encode, decode, and debug JWT (JSON Web Tokens).

John the Ripper jumbo is an advanced password cracker supporting hundreds of hash types and running on various platforms.

Julius is an open-source LLM service fingerprinting tool that identifies Ollama, vLLM, LiteLLM, and 30+ other AI services running on network endpoints.

Kali Linux is a Debian-based distribution for penetration testing, ethical hacking, and network security assessments, offering a vast array of tools.

Kerbrute is a tool for bruteforcing and enumerating valid Active Directory accounts via Kerberos pre-authentication.

Kiterunner is a contextual content discovery tool for modern web applications and APIs, excelling in route/endpoint bruteforcing.

KittySploit is a modern Python exploitation framework offering AI-assisted analysis, real-time collaboration, and multi-interface penetration testing capabilities.

KnowBe4 HRM+ is a human risk management platform with security awareness training, cloud email protection, and AI-driven defense agents.

CISA's Known Exploited Vulnerabilities (KEV) Catalog is an authoritative resource listing vulnerabilities actively exploited in the wild, aiding organizations in prioritizing remediation efforts.

A distributed password cracking system designed for security professionals and red teams to coordinate GPU/CPU resources for high-speed hash cracking.

LaZagne is an open-source password recovery tool designed to retrieve stored passwords from a local computer using various techniques.