Internal

CrackMapExec

CrackMapExec is a swiss army knife for pentesting Windows networks, automating common tasks for assessing security vulnerabilities.

Exploit DevelopmentRed Team Operations

DSViper

DSViper is a tool to bypass Windows Defender, enabling payload execution without triggering security alerts for ethical use.

Reporting

Dradis Pro

Dradis Pro streamlines pentesting with collaboration, automation, and consistent reporting, trusted by security teams worldwide.

Report Web Internal Services External

TrainingCertifications

EC-Council

EC-Council offers cybersecurity courses online, providing industry-recognized certifications and training for career advancement.

Training Certifications Web Internal Services+1

Red Team Operations

Empire

Empire is a post-exploitation framework for red teams and penetration testers, featuring encrypted comms and a modular design.

Internal External C2

Infrastructure Security

Evil-WinRM

Evil-WinRM is the ultimate WinRM shell for hacking/pentesting, offering features like in-memory script loading and AMSI bypass.

Infrastructure Security

Flamingo

Captures credentials sprayed across the network by various IT and security products, supporting protocols like SSH, HTTP, LDAP, DNS, FTP, and SNMP.

Infrastructure Security

GTFOBins

GTFOBins is a curated list of Unix binaries to bypass local security restrictions in misconfigured systems, aiding pentesters and researchers.

Infrastructure Security

GodPotato

GodPotato is a privilege escalation tool for Windows, exploiting DCOM to elevate privileges to NT AUTHORITY\SYSTEM with ImpersonatePrivilege.

Infrastructure SecurityApplication SecurityRed Team Operations

HORIZON3.ai

Internal External Services

Next‑gen autonomous penetration testing with NodeZero®—Horizon3.ai uncovers real‑world attack paths across cloud, on‑prem, and hybrid environments without human intervention.

Red Team Operations

Havoc