Submit your favorite resources for free.

Submit
LogoHackDB
RecentCategoryTagPricingSubmit
Sign In
LogoHackDB
Sign In
LogoHackDB

The Ultimate Directory for Offensive Security

Resources
  • Recent
  • Category
  • Tag
    • Listing
    • Pricing
    • FAQ
    • Submit
    Pages
    • Home
    • Support
    • Sitemap
    • llms.txt
    Company
    • About Us
    • Privacy Policy
    • Terms of Service
    Copyright © 2026 All Rights Reserved.

    Tag

    Explore by tag

    Discover offensive security resources related to a specific tag.

    Open AIicon of GeoEvidenticon of HexStrike AIicon of SplxAIicon of Lakera PINT Benchmarkicon of Giskardicon of PentAGI
    45+

    AI

    45 apps

    Tools and resources for AI security, including LLM testing, prompt injection, model exploitation, threat modeling, and securing AI-powered applications.

    Open tag
    Open APIicon of Vulnetic Hacking Agenticon of OWASP Foundationicon of PortSwiggericon of Aktoicon of Intrudericon of Xygeni Security
    46+

    API

    46 apps

    Security tools for testing REST, GraphQL, and SOAP APIs, covering authentication flaws, authorization bypasses, and various API-specific vulnerabilities.

    Open tag
    Open Bruteforceicon of Brutusicon of npkicon of KrakenHashesicon of asleapicon of Rubeusicon of Kiterunner
    11+

    Bruteforce

    11 apps

    Utilities and methodologies for password attacks, credential stuffing, hash cracking, and automated auth attempts across web, network, and service targets.

    Open tag
    Open Bug Bountyicon of HexStrike AIicon of DLLHijackHuntericon of bboticon of urlessicon of subwizicon of Porch Pirate
    47+

    Bug Bounty

    47 apps

    Platforms, write-ups, tooling, and resources tailored for bug bounty hunters, including recon workflows, automation, and vulnerability research strategies.

    Open tag
    Open C2icon of MCPHammericon of Muti Metrooicon of SessionHopicon of SILPHicon of Orsted C2icon of BEAR
    22+

    C2

    22 apps

    Command-and-control frameworks used in red team operations for post-exploitation, lateral movement, persistence, and adversary simulation.

    Open tag
    Open Certificationsicon of OWASP Foundationicon of Web Security Academyicon of OffSecicon of Zero-Point Security Coursesicon of Pwned Labsicon of APIsec University
    24+

    Certifications

    24 apps

    Offensive security certifications, exam prep materials, labs, and study resources for professional development in penetration testing and red teaming.

    Open tag
    Open Classificationicon of NIST NVDicon of CIS Top 18icon of Gobuster
    3+

    Classification

    3 apps

    Resources related to vulnerability classification standards such as CVSS, CWE, OWASP, and specialized risk rating methodologies for security assessments.

    Open tag
    Open Cloudicon of Vulnetic Hacking Agenticon of Intrudericon of Webhook.siteicon of SecCheckmateicon of Salt Securityicon of Aikido
    23+

    Cloud

    23 apps

    Security tools for assessing AWS, Azure, and GCP environments, including IAM abuse, misconfiguration discovery, and cloud-native exploitation techniques.

    Open tag
    Open DoSicon of DDoS-Rippericon of CC-attackicon of MikuMikuBeamicon of TCPCopyicon of hping3icon of MHDDoS
    8+

    DoS

    8 apps

    Tools and research related to denial-of-service testing, resource exhaustion, rate limiting validation, and availability impact assessment.

    Open tag
    Open Externalicon of GeoEvidenticon of Vulnetic Hacking Agenticon of Calderaicon of Evilginx Proicon of Metasploiticon of Censys
    75+

    External

    75 apps

    Resources focused on external perimeter testing, including internet-facing infrastructure, exposed services, DNS, and attack surface discovery.

    Open tag
    Open Internalicon of Vulnetic Hacking Agenticon of BloodHound Community Editionicon of GOADicon of PentAGIicon of IronPEicon of Lab401
    85+

    Internal

    85 apps

    Tools and methodologies for internal network penetration testing, Active Directory exploitation, lateral movement, and privilege escalation.

    Open tag
    Open Mobileicon of OWASP Foundationicon of Web Security Academyicon of PortSwiggericon of Titusicon of iSH-toolsicon of APKHunt
    16+

    Mobile

    16 apps

    Security testing resources for iOS and Android apps, covering reverse engineering, runtime analysis, mobile API abuse, and client-side vulnerabilities.

    Open tag
    Open OSINTicon of GeoEvidenticon of PentAGIicon of NeroSwarm Deception Labicon of Nervaicon of Xygeni Securityicon of KittySploit Framework
    37+

    OSINT

    37 apps

    Open-source intelligence tools and techniques used for reconnaissance, data gathering, footprinting, and target profiling across digital environments.

    Open tag
    Open Phishingicon of Black Hat Ethical Hackingicon of BITBicon of Phishing Clubicon of Lodestar Forgeicon of WifiPumpkin3 Proicon of Modlishka
    14+

    Phishing

    14 apps

    Frameworks and resources for phishing simulations, credential harvesting, email security testing, and advanced social engineering campaign strategies.

    Open tag
    Open Physicalicon of Lab401icon of Red Team Toolsicon of Physical Exploitation Storeicon of EvilCrowRF-V2icon of Access Toolsicon of ICopyX
    14+

    Physical

    14 apps

    Tools and methodologies related to physical security assessments, including badge cloning, hardware implants, lock bypass, and facility intrusion testing.

    Open tag
    Open Reporticon of GeoEvidenticon of BloodHound Community Editionicon of Evilginx Proicon of NIST NVDicon of Aktoicon of Reconmap
    43+

    Report

    43 apps

    Reporting templates, vulnerability write-up examples, executive summaries, and documentation best practices for professional pentest deliverable reports.

    Open tag
    Open Servicesicon of Vulnetic Hacking Agenticon of Evilginx Proicon of OWASP Foundationicon of Metasploiticon of Salt Securityicon of Aikido
    27+

    Services

    27 apps

    Security firms, managed offensive security providers, consulting organizations, and professional pentesting services offering expert security assessments.

    Open tag
    Open Static Analysisicon of GuidedHackingicon of Aktoicon of DLLHijackHuntericon of Xygeni Securityicon of Titusicon of claudleak
    29+

    Static Analysis

    29 apps

    Static application security testing (SAST) tools and code analysis resources used to identify vulnerabilities without executing the targeted application.

    Open tag
    Open Trainingicon of GuidedHackingicon of OWASP Foundationicon of Web Security Academyicon of Aktoicon of OffSecicon of GOAD
    51+

    Training

    51 apps

    Hands-on labs, courses, platforms, and educational resources to build practical offensive security skills for red teamers, pentesters, and ethical hackers.

    Open tag
    Open Vulnerability Intelligenceicon of NIST NVDicon of Intrudericon of Xygeni Securityicon of IPinfoicon of Salt Securityicon of Aikido
    24+

    Vulnerability Intelligence

    24 apps

    Threat intelligence feeds, CVE tracking platforms, exploit databases, and research sources focused on emerging vulnerabilities and exploitation trends.

    Open tag
    Open Webicon of Vulnetic Hacking Agenticon of OWASP Foundationicon of Web Security Academyicon of Metasploiticon of Censysicon of PortSwigger
    70+

    Web

    70 apps

    Tools and methodologies for web application security testing, covering injection, authentication, access control, and client/server-side vulnerabilities.

    Open tag
    Open Wirelessicon of Lab401icon of hostapicon of SecCheckmateicon of USB-WiFiicon of EAP_bustericon of Freeway
    32+

    Wireless

    32 apps

    Resources for testing Wi-Fi, Bluetooth, RFID, and other wireless technologies, including packet analysis, rogue access points, and wireless exploitation.

    Open tag