Browse all offensive security tools, platforms, and services in one place.
GTFOBins is a curated list of Unix binaries to bypass local security restrictions in misconfigured systems, aiding pentesters and researchers.
Gandalf is a prompting skills test by Lakera that challenges users to extract secret information from a large language model.
GeoSpy is an AI-powered tool for precise photo geolocation, aiding investigations, OSINT, and location discovery with meter-level accuracy.
Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.
Ghidra is a software reverse engineering suite developed by the NSA. It includes tools for disassembly, decompilation, and analyzing malicious code.
SpecterOps Ghostwriter is a project management and reporting platform designed for security professionals to manage clients, projects, and reports.
Gitleaks detects secrets like passwords, API keys, and tokens in git repositories, files, and standard input.
Gobuster is a tool to brute-force URIs, DNS subdomains, and virtual hostnames, aiding in web application reconnaissance.
GodPotato is a privilege escalation tool for Windows, exploiting DCOM to elevate privileges to NT AUTHORITY\SYSTEM with ImpersonatePrivilege.
Gophish is a powerful open-source phishing toolkit designed to help organizations and security professionals conduct realistic phishing simulations.
GraphQL Cop is a Python utility for running security tests against GraphQL APIs, ideal for CI/CD checks and vulnerability reproduction.
Assess the security of your GraphQL apps: authorization, access control, complexity limits, introspection, DDOS, and injections.
