Submit your favorite resources for free.
Find red teaming, penetration testing, and ethical hacking resources in seconds.
Donut generates position-independent shellcode to load .NET Assemblies, PE files, VBScript, and other Windows payloads from memory.
The eCPPT certification validates practical penetration testing skills, covering reconnaissance, web app testing, exploit development, and Active Directory.
ffuf is a fast web fuzzer written in Go, designed for content discovery and web application security testing.
Garak is an LLM vulnerability scanner that probes for weaknesses like prompt injection, data leakage, hallucination, and toxicity.
Graphw00f is a GraphQL server engine fingerprinting tool. It identifies backend technologies and security defenses by analyzing unique endpoint responses.
World's fastest password recovery utility, supporting CPUs, GPUs, and hardware accelerators on Linux, Windows, and macOS.
hostap is a project providing hostapd, a user space daemon for access point and authentication server functionality, and wpa_supplicant.
Modified hostapd for advanced wifi attacks, enabling rogue access points and sophisticated wireless penetration testing scenarios.
Modified hostapd to facilitate AP impersonation attacks, obtaining client credentials and enabling further attacks.
hping3 is a network security tool for crafting custom TCP/IP packets. It is used by red teams for port scanning, firewall testing, and DDoS simulation.
httpx is a fast and multi-purpose HTTP toolkit for reconnaissance, probing, and information gathering with retries and backoffs.
Ethical hacking toolkit for iOS devices using iSH Shell, providing various security and reconnaissance tools for mobile pen-testing.
