Submit your favorite resources for free.
Find red teaming, penetration testing, and ethical hacking resources in seconds.
Open-source tools and resources for vulnerability disclosure, promoting safe harbor and standardized practices for hackers and organizations.
dnstwist is a phishing domain scanner that finds lookalike domains adversaries can use to attack you, helping to identify potential threats.
Donut generates position-independent shellcode to load .NET Assemblies, PE files, VBScript, and other Windows payloads from memory.
The eCPPT certification validates practical penetration testing skills, covering reconnaissance, web app testing, exploit development, and Active Directory.
ffuf is a fast web fuzzer written in Go, designed for content discovery and web application security testing.
Garak is an LLM vulnerability scanner that probes for weaknesses like prompt injection, data leakage, hallucination, and toxicity.
Graphw00f is a GraphQL server engine fingerprinting tool. It identifies backend technologies and security defenses by analyzing unique endpoint responses.
World's fastest password recovery utility, supporting CPUs, GPUs, and hardware accelerators on Linux, Windows, and macOS.
hostap is a project providing hostapd, a user space daemon for access point and authentication server functionality, and wpa_supplicant.
Modified hostapd for advanced wifi attacks, enabling rogue access points and sophisticated wireless penetration testing scenarios.
Modified hostapd to facilitate AP impersonation attacks, obtaining client credentials and enabling further attacks.
hping3 is a network security tool for crafting custom TCP/IP packets. It is used by red teams for port scanning, firewall testing, and DDoS simulation.
