Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
OWASP Juice Shop is a deliberately insecure web application for security training, CTFs, and demonstrating security tools.
Gobuster is a tool to brute-force URIs, DNS subdomains, and virtual hostnames, aiding in web application reconnaissance.
CyberChef is a web app for encryption, encoding, compression, and data analysis, offering a wide range of operations in a drag-and-drop interface.
Ciphey is an automated decryption, decoding, and cracking tool that uses NLP and AI to decipher encryptions without knowing the key or cipher.
Sn1per is an Attack Surface Management (ASM) platform designed to automate vulnerability scanning and information gathering.
Qualys SSL Labs provides a free online service to perform deep analysis of the configuration of any SSL web server on the public Internet.
VIPER is a powerful and flexible red team platform designed for adversary emulation and red team operations across various platforms.
reconFTW automates reconnaissance, subdomain enumeration, and vulnerability checks, providing comprehensive target information.
John the Ripper jumbo is an advanced password cracker supporting hundreds of hash types and running on various platforms.
World's fastest password recovery utility, supporting CPUs, GPUs, and hardware accelerators on Linux, Windows, and macOS.
Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.
Wifite2 is a Python script for auditing wireless networks, automating various attacks to retrieve network passwords.
