Browse the newest offensive security tools, platforms, and services recently added to HackDB.
SecLists is a collection of multiple types of lists used during security assessments, collected in one place for easy access.
A comprehensive collection of payloads and bypasses for web application security testing and exploitation.
A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.
XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.
SpecterOps offers cybersecurity solutions and training to defend against adversary tactics, including tradecraft analysis and attack path management.
NetSPI is a proactive security solution for discovering, prioritizing, and remediating critical security vulnerabilities, offering PTaaS, ASM, and BAS.
Postman: The leading API platform for building and using APIs. Streamline collaboration and simplify the API lifecycle.
WAFW00F identifies and fingerprints Web Application Firewall (WAF) products protecting a website using various detection methods.
Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.
ffuf is a fast web fuzzer written in Go, designed for content discovery and web application security testing.
Nuclei is a fast, customizable vulnerability scanner using YAML templates to detect vulnerabilities in applications, networks, and cloud.
Nikto is an open-source web server scanner that performs comprehensive tests against web servers for multiple vulnerabilities.