Submit your favorite resources for free.
Browse all offensive security tools, platforms, and services in one place.
A MitM tool for relaying attacks, featuring DHCPv6 DNS takeover and local name resolution spoofing (mDNS, LLMNR, NetBIOS-NS).
Pwn.Guide is a curated cybersecurity platform focused on web exploitation and practical offensive security skills for beginners to advanced users.
Pwndbg is a GDB/LLDB plugin for exploit development and reverse engineering, simplifying debugging with advanced features.
pypykatz is a pure Python Mimikatz implementation for extracting credentials and secrets from Windows systems and memory dumps.
reNgine is an automated web reconnaissance framework streamlining the recon process for security professionals and bug bounty hunters.
reconFTW automates reconnaissance, subdomain enumeration, and vulnerability checks, providing comprehensive target information.
shcheck is a tool to check security headers of a website, reporting which are enabled and which are not.
sqlmap is an automatic SQL injection and database takeover tool for penetration testing and vulnerability detection.
A lightweight GPT model trained to discover subdomains, aiding in reconnaissance and bug bounty hunting.
theHarvester is an OSINT tool for gathering emails, subdomains, IPs, and URLs to determine a domain's external threat landscape.
A tool to de-clutter lists of URLs by removing redundant parameters, extensions, and unwanted content, enhancing reconnaissance.
A specialized WPA3 dictionary cracker that leverages the wpa_supplicant control interface for high-speed online brute-force attacks against SAE networks.
