Search

Search the directory

Find red teaming, penetration testing, and ethical hacking resources in seconds.

ReconnaissanceInfrastructure Security

RustScan

RustScan: lightning-fast port scanner automating Nmap integration with adaptive learning for efficient network reconnaissance and security audits.

External

Cloud SecurityReconnaissanceInfrastructure Security

Visit Website

S3Scanner

Details

S3Scanner finds misconfigured S3 buckets across various cloud providers, enhancing cloud security posture and data leak prevention.

Bug Bounty Web Cloud

Red Team Operations

Visit Website

SILPH

Details

Stealthy In-Memory Local Password Harvester (SILPH) dumps LSA secrets, SAM hashes, and DCC2 credentials without writing to disk.

C2 Internal

Physical Security

Visit Website

SPARROWS Lock Picks

Details

Sparrows Lock Picks offers quality lock picks, covert entry tools, beginner sets, practice locks, and tutorials for lock picking success.

Physical

API SecurityAI SecurityCloud SecurityApplication Security

Visit Website

Salt Security

Details

AI-infused API Security solution for the entire API lifecycle, from discovery and posture management to threat protection, including AI Agents.

API AI Cloud Vulnerability Intelligence Report+2

API Security

Visit Website

Schemathesis

Details

Schemathesis is a tool that automatically generates API tests from OpenAPI and GraphQL schemas to find bugs.

API Static Analysis

Cloud Security

Visit Website

ScoutSuite

Details

ScoutSuite: Multi-cloud security auditing tool for AWS, Azure, and GCP. Gathers configuration data and highlights risk areas.

Cloud

AI SecurityCloud SecurityApplication SecurityAPI SecurityWireless SecurityInfrastructure SecurityReporting

Visit Website

SecCheckmate

Details

Offline security checklist & report generator with 200+ tests across web, cloud, WiFi, firmware, and AI security domains.

Report AI Cloud Web API+3

Application SecurityCloud SecurityInfrastructure SecurityRed Team Operations

Visit Website

SecLists

Details

SecLists is a collection of multiple types of lists used during security assessments, collected in one place for easy access.

Bug Bounty Web External Internal

Reporting

Visit Website

Security Reporter

Details

Security Reporter is the all-in-one pentest reporting workspace designed to optimize the entire cybersecurity assessment workflow, from testing to reporting.

Report API

Bug BountyReconnaissance

Visit Website

SecurityTrails

Details

SecurityTrails provides a massive repository of historical DNS data and IP address records to help security teams track domain changes and attack surfaces.

Bug Bounty OSINT