Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
GraphQL Voyager: Visualize any GraphQL API as an interactive graph, aiding in understanding and exploration of its schema and relationships.
APIsec University offers free API security training courses to help you find API vulnerabilities and keep your APIs secure.
Learn API testing techniques, including API recon, documentation analysis, endpoint identification, and prevention of common API vulnerabilities.
InQL is a Burp Suite extension for advanced GraphQL testing, offering vulnerability detection and customizable scans.
OWASP ASTF: Automated API security testing framework based on OWASP API Security Top 10, designed for CI/CD integration and detailed reporting.
Custom firmware for Flipper Zero with added features, improved components, and full API compatibility for experimental purposes.
Prompt Airlines AI CTF by Wiz challenges users to manipulate an AI chatbot for a free ticket, focusing on AI security vulnerabilities.
ZigStrike is a shellcode loader with injection techniques and anti-sandbox features, using compile-time capabilities for shellcode allocation.
Evil Crow RF V2: A radio frequency hacking device for pentesting and red team ops, operating across multiple bands with dual CC1101 modules.
DSViper is a tool to bypass Windows Defender, enabling payload execution without triggering security alerts for ethical use.
Voyage is a Rust-based subdomain enumeration tool with active/passive methods, SQLite progress tracking, and a real-time terminal UI.
OWASP Machine Learning Security Top 10 (2023) identifies the top 10 security risks for machine learning systems, focusing on developers and security experts.