Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
Impacket is a collection of Python classes for working with network protocols, focused on low-level packet access and protocol implementation.
Rubeus is a C# toolset for raw Kerberos interaction and abuses, heavily adapted from Kekeo and MakeMeEnterpriseAdmin projects.
Kerbrute is a tool for bruteforcing and enumerating valid Active Directory accounts via Kerberos pre-authentication.
SharpHound is the data collector for BloodHound, used to map and analyze Active Directory environments for privilege escalation and attack paths.
Chisel: A fast TCP/UDP tunnel over HTTP, secured via SSH. Useful for firewalls, providing secure network endpoints.
ProxyChains is a tool to force TCP connections through proxies like TOR, supporting SOCKS4/5 and HTTP(S) with user/pass and basic auth.
GTFOBins is a curated list of Unix binaries to bypass local security restrictions in misconfigured systems, aiding pentesters and researchers.
Pillar Security: AI security platform to identify, assess, and mitigate security risks across the entire AI lifecycle.
GraphQLmap is a scripting engine for GraphQL endpoint pentesting, automating queries and fuzzing for vulnerabilities.
SigmaPotato: SeImpersonate privilege escalation tool for Windows 8-11 & Server 2012-2022 with PowerShell & .NET reflection support.
AI Red Teaming Playground Labs: Challenges for AI red teaming training, covering adversarial ML and Responsible AI failures.
BYOB is an open-source post-exploitation framework for students, researchers, and developers to build and manage botnets.