Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
Burp extension to fuzz GenAI/LLM prompts for behavioral and prompt injection vulnerabilities, aiding security assessments.
Open-source LLM security testing framework for automated red teaming, prompt injection detection, and vulnerability scanning in AI agents and RAGs.
ChromeAlone transforms Chromium browsers into C2 implants, enabling covert operations with session stealing, credential capture, and remote execution.
LeakInsight API is a data leak detection service that helps developers and businesses identify leaked credentials and security risks across a vast database.
Hacksplaining offers interactive security training for developers, covering common web vulnerabilities through engaging lessons and hands-on practice.
Ethical hacking toolkit for iOS devices using iSH Shell, providing various security and reconnaissance tools for mobile pen-testing.
GeoSpy is an AI-powered tool for precise photo geolocation, aiding investigations, OSINT, and location discovery with meter-level accuracy.
Astra Security is an AI-powered pentest platform offering continuous vulnerability scanning and management for web apps, APIs, and cloud.
EAP_buster lists supported EAP methods of a RADIUS server, aiding red teams and detecting rogue WPA-Enterprise access points.
Freeway: Python-based WiFi penetration testing tool for ethical hackers and pentesters to audit and secure networks.
WifiPumpkin3 Pro: A professional framework for Wi-Fi security testing, rogue access point deployment, and adversarial emulation for red teams.
Modlishka is a MITM proxy to bypass 2FA, enabling transparent multi-domain TLS traffic over a single domain without client certificates.