Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
Certipy is a toolkit for enumerating and abusing Active Directory Certificate Services (AD CS) with ESC1-ESC16 attack path support.
Adaptix is an extensible post-exploitation framework with a cross-platform GUI client, encrypted comms, and plugin-based extenders.
OWASP Threat Dragon is a free, open-source threat modeling tool for creating threat model diagrams and listing threats.
Horizon3.ai provides autonomous pentesting via NodeZero, allowing red teams to find exploitable attack paths and verify security fixes in real-time.
PE-bear: A multiplatform reversing tool for PE files, offering a fast and flexible first view for malware analysis.
Guided Hacking is the #1 source for learning game hacking since 2011 producing high quality educational content on game hacking & reverse engineering.
OnionC2: C2 framework with Tor integration for secure, anonymous command and control. Rust & Go powered, cross-platform, and user-friendly.
Impacket is a collection of Python classes for working with network protocols, providing low-level access to packets and protocol implementation.
Impacket is a collection of Python classes for working with network protocols, focused on low-level packet access and protocol implementation.
Rubeus is a C# toolset for raw Kerberos interaction and abuses, heavily adapted from Kekeo and MakeMeEnterpriseAdmin projects.
Kerbrute is a tool for bruteforcing and enumerating valid Active Directory accounts via Kerberos pre-authentication.
SharpHound is the data collector for BloodHound, used to map and analyze Active Directory environments for privilege escalation and attack paths.
