Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
John the Ripper jumbo is an advanced password cracker supporting hundreds of hash types and running on various platforms.
World's fastest password recovery utility, supporting CPUs, GPUs, and hardware accelerators on Linux, Windows, and macOS.
Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.
Wifite2 is a Python script for auditing wireless networks, automating various attacks to retrieve network passwords.
SecLists is a collection of multiple types of lists used during security assessments, collected in one place for easy access.
A comprehensive collection of payloads and bypasses for web application security testing and exploitation.
A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.
XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.
SpecterOps offers cybersecurity solutions and training to defend against adversary tactics, including tradecraft analysis and attack path management.
NetSPI is a proactive security solution for discovering, prioritizing, and remediating critical security vulnerabilities, offering PTaaS, ASM, and BAS.
Postman: The leading API platform for building and using APIs. Streamline collaboration and simplify the API lifecycle.
WAFW00F identifies and fingerprints Web Application Firewall (WAF) products protecting a website using various detection methods.