Browse all offensive security tools, platforms, and services in one place.
OWASP unveils the Gen AI Red Teaming Guide, offering a structured approach to evaluating LLM and Generative AI vulnerabilities.
OWASP Gen AI Security Project provides resources, risk strategies, and global collaboration to secure LLMs, AI agents, and generative AI technologies.
OWASP Juice Shop is a deliberately insecure web application for security training, CTFs, and demonstrating security tools.
OWASP Machine Learning Security Top 10 (2023) identifies the top 10 security risks for machine learning systems, focusing on developers and security experts.
OWASP Top 10 for LLM Applications 2025 highlights key security risks in AI applications, focusing on vulnerabilities and countermeasures.
OWASP Top 10 for Large Language Model Applications educates on security risks in deploying and managing LLMs and Generative AI applications.
A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.
OnionC2: C2 framework with Tor integration for secure, anonymous command and control. Rust & Go powered, cross-platform, and user-friendly.
Open Bug Bounty: A free platform for coordinated vulnerability disclosure and bug bounty programs, connecting security researchers and website owners.
Opengrep is a static code analysis engine for finding security issues in code, supporting 30+ languages and customizable rules.
Orsted C2 is a command and control framework designed for educational purposes, enabling operators to interact with distributed beacons.
OSINT.ly is a specialized intelligence engine that helps red teams discover subdomains, exposed assets, and digital footprints for advanced target recon.
