Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
SpecterOps Ghostwriter is a project management and reporting platform designed for security professionals to manage clients, projects, and reports.
PlexTrac is an AI-powered platform for pentest reporting, vulnerability management, and continuous threat exposure management (CTEM).
PeTeReport is an open-source pentest reporting tool designed to assist pentesting/redteaming efforts by simplifying report generation.
DefectDojo automates application security vulnerability management, unifying security tools and streamlining DevSecOps workflows.
Dradis CE is an open-source reporting and collaboration tool for InfoSec professionals to streamline security project reporting for free.
PwnDoc is a pentest reporting application that simplifies writing findings and generating customizable Docx reports, saving time on documentation.
Automate PenTest reporting and AppSec Posture Management (ASPM) for penetration testers, red teams, and application security teams.
Empire is a post-exploitation framework for red teams and penetration testers, featuring encrypted comms and a modular design.
Havoc is a modern, malleable post-exploitation C2 framework with sleep obfuscation, return address spoofing, and indirect syscalls.
Mythic is a collaborative, multi-platform, red teaming framework with a user-friendly interface for operators and managers.
shcheck is a tool to check security headers of a website, reporting which are enabled and which are not.
Prism is an open-source HTTP mock and proxy server that accelerates API development with realistic mock servers powered by OpenAPI documents.