Submit your favorite resources for free.
Browse all offensive security tools, platforms, and services in one place.
GeoSpy is an AI-powered tool for precise photo geolocation, aiding investigations, OSINT, and location discovery with meter-level accuracy.
Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.
Ghidra is a software reverse engineering suite developed by the NSA. It includes tools for disassembly, decompilation, and analyzing malicious code.
SpecterOps Ghostwriter is a project management and reporting platform designed for security professionals to manage clients, projects, and reports.
GHunt.sh is an online tool requires no installation, no cookies, no account creation. It is completely free and privacy friendly.
Automated testing platform to secure LLM agents against prompt injection, data leaks, and hallucinations through continuous adversarial red teaming.
Gitleaks detects secrets like passwords, API keys, and tokens in git repositories, files, and standard input.
Gobuster is a tool to brute-force URIs, DNS subdomains, and virtual hostnames, aiding in web application reconnaissance.
GodPotato is a privilege escalation tool for Windows, exploiting DCOM to elevate privileges to NT AUTHORITY\SYSTEM with ImpersonatePrivilege.
Gophish is a powerful open-source phishing toolkit designed to help organizations and security professionals conduct realistic phishing simulations.
GraphQL Cop is a Python utility for running security tests against GraphQL APIs, ideal for CI/CD checks and vulnerability reproduction.
Assess the security of your GraphQL apps: authorization, access control, complexity limits, introspection, DDOS, and injections.
