Submit your favorite resources for free.
Browse all offensive security tools, platforms, and services in one place.
AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.
Evil QR is a toolkit demonstrating how attackers can take over accounts by convincing users to scan supplied QR codes through phishing.
Evil-WinRM is the ultimate WinRM shell for hacking/pentesting, offering features like in-memory script loading and AMSI bypass.
Evil Crow RF V2: A radio frequency hacking device for pentesting and red team ops, operating across multiple bands with dual CC1101 modules.
EvilWAF is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).
Master advanced phishing techniques with Evilginx, bypass MFA, and learn to create custom phishlets for red team engagements.
Exploit Database (Exploit-DB) is a curated repository of public exploits and proof-of-concepts for offensive and defensive security professionals.
Exploit.IN delivers the latest news, research, and tools concerning hacking, exploits, vulnerabilities, malware, and cybersecurity laws.
FOFA is a cyberspace search engine that helps researchers and enterprises quickly match network assets through cyberspace mapping.
Automate PenTest reporting and AppSec Posture Management (ASPM) for penetration testers, red teams, and application security teams.
Faraday Security: Cybersecurity tools to optimize network security, reinforce defenses, and protect against attackers with agile vulnerability management.
Feroxbuster is a fast, simple, recursive content discovery tool written in Rust, designed for forced browsing.
