Submit your favorite resources for free.
Browse all offensive security tools, platforms, and services in one place.
WuppieFuzz: coverage-guided REST API fuzzer using LibAFL, easy-to-use, explainable flaws, modular, supports black/grey/white box testing.
AI-powered penetration testing platform that scales offensive security, discovers vulnerabilities, and validates exploits with AI agents.
XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.
Xygeni is an AI-powered ASPM platform that secures the software supply chain by detecting malware, secrets, and vulnerabilities across CI/CD pipelines.
Zero Day Initiative publishes advisories on vulnerabilities discovered by their researchers, providing details and links to vendor fixes.
Zero-Point Security offers specialized training courses in various cybersecurity domains, enhancing practical skills for professionals.
ZigStrike is a shellcode loader with injection techniques and anti-sandbox features, using compile-time capabilities for shellcode allocation.
ZoomEye is a cyberspace search engine for discovering and analyzing internet-connected devices, offering tools for asset discovery and vulnerability analysis.
angr is a platform-agnostic binary analysis framework for reverse engineering and vulnerability research.
asleap is a tool to recover LEAP/PPTP passwords, demonstrating a deficiency in Cisco LEAP networks using dictionary or captured packet analysis.
A recursive internet scanner for hackers, designed to automate Recon, Bug Bounties, and ASM with a focus on comprehensive subdomain enumeration.
bettercap is a powerful, modular framework for network reconnaissance and MITM attacks over WiFi, Bluetooth LE, and Ethernet networks.
