Submit your favorite resources for free.
Frameworks and resources for phishing simulations, credential harvesting, email security testing, and advanced social engineering campaign strategies.
Provides browser window templates for Browser In The Browser (BITB) phishing attacks, enabling realistic simulations for social engineering engagements.
Adversary simulation provider offering manual penetration testing, phishing assessments, offensive security training, and technical tool development.
CanIPhish is a platform for simulated phishing and security awareness training, offering realistic simulations and integrated eLearning.
Canarytokens is a free tool to plant traps in your network that notify you when triggered, helping you detect breaches early.
Evil QR is a toolkit demonstrating how attackers can take over accounts by convincing users to scan supplied QR codes through phishing.
Master advanced phishing techniques with Evilginx, bypass MFA, and learn to create custom phishlets for red team engagements.
Gophish is a powerful open-source phishing toolkit designed to help organizations and security professionals conduct realistic phishing simulations.
KnowBe4 HRM+ is a human risk management platform with security awareness training, cloud email protection, and AI-driven defense agents.
Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
Modlishka is a MITM proxy to bypass 2FA, enabling transparent multi-domain TLS traffic over a single domain without client certificates.
Phishing Club is a phishing simulation and man-in-the-middle framework designed for companies and red teams to obtain initial access.
WifiPumpkin3 Pro: A professional framework for Wi-Fi security testing, rogue access point deployment, and adversarial emulation for red teams.
