The Ultimate Directory for Offensive Security

Wonka

Wonka is a Windows tool for extracting Kerberos tickets from the Local Security Authority (LSA) cache for security research and penetration testing.

API Security

WuppieFuzz

WuppieFuzz: coverage-guided REST API fuzzer using LibAFL, easy-to-use, explainable flaws, modular, supports black/grey/white box testing.

API

Application Security

XSStrike

XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.

Web Bug Bounty

Vulnerability Intelligence

Zero Day Initiative

Vulnerability Intelligence

Zero Day Initiative publishes advisories on vulnerabilities discovered by their researchers, providing details and links to vendor fixes.

Training

Zero-Point Security Courses

Zero-Point Security offers specialized training courses in various cybersecurity domains, enhancing practical skills for professionals.

Training Certifications

Exploit DevelopmentRed Team Operations

ZigStrike

ZigStrike is a shellcode loader with injection techniques and anti-sandbox features, using compile-time capabilities for shellcode allocation.

Reconnaissance

ZoomEye

ZoomEye is a cyberspace search engine for discovering and analyzing internet-connected devices, offering tools for asset discovery and vulnerability analysis.

External

Reverse EngineeringExploit Development

angr

angr is a platform-agnostic binary analysis framework for reverse engineering and vulnerability research.

Static Analysis

Bug BountyReconnaissanceApplication Security

bbot

A recursive internet scanner for hackers, designed to automate Recon, Bug Bounties, and ASM with a focus on comprehensive subdomain enumeration.

Bug Bounty OSINT Web

Wireless Security

bettercap

bettercap is a powerful, modular framework for network reconnaissance and MITM attacks over WiFi, Bluetooth LE, and Ethernet networks.

Wireless

API Security

crAPI

crAPI is a completely ridiculous API vulnerable by design, built on a microservices architecture, designed to help understand API security risks.

API Training

Reconnaissance

crt.sh

crt.sh is a Certificate Transparency (CT) log search tool that allows users to find SSL/TLS certificates issued for specific domains or organizations.

OSINT

Join the Community

Subscribe to our newsletter for the latest news and updates

HackDB

The Ultimate Directory for Offensive Security

Product

Search
Category
Tag

Resources

Pricing
Submit

Pages

Home
Sitemap
Support

Company2

About Us
Privacy Policy
Terms of Service

All Categories

AI Security

API Security

Application Security

Bug Bounty

Certifications

Cloud Security

Exploit Development

Infrastructure Security

Physical Security

Reconnaissance

Red Team Operations

Reporting

Reverse Engineering

Security Firms

Social Engineering

Training

Vulnerability Intelligence

Wireless Security

Infrastructure Security

Wonka

Wonka is a Windows tool for extracting Kerberos tickets from the Local Security Authority (LSA) cache for security research and penetration testing.

API Security

WuppieFuzz

WuppieFuzz: coverage-guided REST API fuzzer using LibAFL, easy-to-use, explainable flaws, modular, supports black/grey/white box testing.

API

Application Security

XSStrike

XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.

Web Bug Bounty

Vulnerability Intelligence

Zero Day Initiative

Vulnerability Intelligence

Zero Day Initiative publishes advisories on vulnerabilities discovered by their researchers, providing details and links to vendor fixes.

Training

Zero-Point Security Courses

Zero-Point Security offers specialized training courses in various cybersecurity domains, enhancing practical skills for professionals.

Training Certifications

Exploit DevelopmentRed Team Operations

ZigStrike

ZigStrike is a shellcode loader with injection techniques and anti-sandbox features, using compile-time capabilities for shellcode allocation.

Reconnaissance

ZoomEye

ZoomEye is a cyberspace search engine for discovering and analyzing internet-connected devices, offering tools for asset discovery and vulnerability analysis.

External

Reverse EngineeringExploit Development

angr

angr is a platform-agnostic binary analysis framework for reverse engineering and vulnerability research.

Static Analysis

Bug BountyReconnaissanceApplication Security

bbot

A recursive internet scanner for hackers, designed to automate Recon, Bug Bounties, and ASM with a focus on comprehensive subdomain enumeration.

Bug Bounty OSINT Web

Wireless Security

bettercap

bettercap is a powerful, modular framework for network reconnaissance and MITM attacks over WiFi, Bluetooth LE, and Ethernet networks.

Wireless

API Security

crAPI

crAPI is a completely ridiculous API vulnerable by design, built on a microservices architecture, designed to help understand API security risks.

API Training

Reconnaissance

crt.sh