Submit your favorite resources for free.
Browse the newest offensive security tools, platforms, and services recently added to HackDB.
Webhook.site allows red teams to capture and inspect HTTP requests in real-time. It is essential for testing blind OOB vulnerabilities and exfiltration.
ShipSec Studio is an open-source security platform for red teams to build visual workflows for tool orchestration, recon, and vulnerability scanning.
Julius is an open-source LLM service fingerprinting tool that identifies Ollama, vLLM, LiteLLM, and 30+ other AI services running on network endpoints.
MCPHammer is a security assessment tool for the Model Context Protocol. It helps red teams test LLM integrations for prompt injection and data leakage.
Brutus by Praetorian is a CI/CD security tool that automates the discovery of vulnerabilities in build pipelines for red teams and security engineers.
Hunt for AI coding artifacts containing secrets by scanning public GitHub repositories for leaked credentials in AI coding tool configuration files.
See-SURF is an AI-powered security tool designed to find and validate potential Server Side Request Forgery (SSRF) parameters in web applications.
Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack, implemented in C++ and Python.
Provides browser window templates for Browser In The Browser (BITB) phishing attacks, enabling realistic simulations for social engineering engagements.
Phishing Club is a phishing simulation and man-in-the-middle framework designed for companies and red teams to obtain initial access.
IPinfo provides comprehensive IP address data, geolocation, and intelligence for developers and enterprises, powering applications and security solutions.
hostap is a project providing hostapd, a user space daemon for access point and authentication server functionality, and wpa_supplicant.
