Submit your favorite resources for free.
Browse all offensive security tools, platforms, and services in one place.
Interactsh is a tool and service for capturing and handling out-of-band interactions during security testing.
A multi-threaded application to turn single-threaded command line applications into faster, more efficient tools with CIDR and glob support.
Intigriti: crowdsourced security platform offering bug bounty, VDP, and pentesting services, connecting businesses with ethical hackers.
Unified exposure management platform for automated vulnerability scanning, attack surface monitoring, and cloud security posture management.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to evade signature-based detection.
Rust-based Windows PE manual loader supporting x86/x64. Implements manual mapping, base relocations, and import resolution for memory-based execution.
JWT Debugger is a web application to create, encode, decode, and debug JWT (JSON Web Tokens). It helps developers inspect claims and test token integrity.
John the Ripper jumbo is an advanced password cracker supporting hundreds of hash types and running on various platforms.
Julius is an open-source LLM service fingerprinting tool that identifies Ollama, vLLM, LiteLLM, and 30+ other AI services running on network endpoints.
Kali Linux is a Debian-based distribution for penetration testing, ethical hacking, and network security assessments, offering a vast array of tools.
Kerbrute is a tool for bruteforcing and enumerating valid Active Directory accounts via Kerberos pre-authentication.
Kiterunner is a contextual content discovery tool for modern web applications and APIs, excelling in route/endpoint bruteforcing.
