Browse all offensive security tools, platforms, and services in one place.
CVE Details is a comprehensive security vulnerability database that aggregates CVEs, OVAL entries, and CVSS scores to help track software security flaws.
A comprehensive community-developed list of common software and hardware weaknesses to help identify and mitigate security issues.
CXSECURITY.COM provides independent security information, a vast collection of data communication safety insights, and vulnerability details.
CanIPhish is a platform for simulated phishing and security awareness training, offering realistic simulations and integrated eLearning.
Canarytokens is a free tool to plant traps in your network that notify you when triggered, helping you detect breaches early.
Cellbusters develops RF detection and signal locating tech to guard against security threats in prisons, government, casinos, and more.
Certipy is a toolkit for enumerating and abusing Active Directory Certificate Services (AD CS) with ESC1-ESC16 attack path support.
Chisel: A fast TCP/UDP tunnel over HTTP, secured via SSH. Useful for firewalls, providing secure network endpoints.
ChromeAlone transforms Chromium browsers into C2 implants, enabling covert operations with session stealing, credential capture, and remote execution.
Ciphey is an automated decryption, decoding, and cracking tool that uses NLP and AI to decipher encryptions without knowing the key or cipher.
CloudFox helps penetration testers find exploitable attack paths in cloud infrastructure, currently supporting AWS with more on the way.
CloudGoat is a "Vulnerable by Design" AWS deployment tool for honing cloud cybersecurity skills through CTF-style scenarios.
