Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
dnstwist is a phishing domain scanner that finds lookalike domains adversaries can use to attack you, helping to identify potential threats.
GodPotato is a privilege escalation tool for Windows, exploiting DCOM to elevate privileges to NT AUTHORITY\SYSTEM with ImpersonatePrivilege.
Modified hostapd for advanced wifi attacks, enabling rogue access points and sophisticated wireless penetration testing scenarios.
EAPHammer: Evil twin attacks against WPA2-Enterprise networks with hostile portal attacks and indirect wireless pivots.
Wifiphisher is a rogue access point framework for Wi-Fi security testing and red team engagements, enabling MITM and phishing attacks.
Modified hostapd to facilitate AP impersonation attacks, obtaining client credentials and enabling further attacks.
CTFd is a Capture The Flag framework for cybersecurity training, developer skill enhancement, and student education, offering easy CTF event creation.
Virtualized WiFi pentesting lab using Docker and mac80211_hwsim for practicing WiFi attacks without physical cards.
asleap is a tool to recover LEAP/PPTP passwords, demonstrating a deficiency in Cisco LEAP networks using dictionary or captured packet analysis.
BloodHound Query Library appears to be a resource for pre-built queries designed for use with BloodHound, a tool for analyzing Active Directory environments.
Locksmith is a PowerShell tool to find and fix misconfigurations in Active Directory Certificate Services (AD CS).
OSINT.ly is a specialized intelligence engine that helps red teams discover subdomains, exposed assets, and digital footprints for advanced target recon.