Home / Security Testing / Offensive Security

Offensive Security

Offensive security testing uncovers vulnerabilities through simulated attacks.

Try these 279 AI Offensive Security Tools

Burp-LFI-tests
Free
Offensive Security

Burp-LFI-tests

A unified repository for different Metasploit Framework payloads.

Burp Suite Professional
Free
Offensive Security

Burp Suite Professional

A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions

C2concealer
Free
Offensive Security

C2concealer

Emulates Docker HTTP API with event logging and AWS deployment script.

Caldera
Free
Offensive Security

Caldera

A black-box obfuscation tool for Android apps with Android App Bundle support.

cariddi
Free
Offensive Security

cariddi

APT Simulator is a tool for simulating a compromised system on Windows.

Charlotte
Free
Offensive Security

Charlotte

Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.

Chameleon
Free
Offensive Security

Chameleon

Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.

ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution
Free
Offensive Security

ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution

A document that helps inform red team planning by contrasting against the very specific red team style described in Red Teams.

CloakifyFactory
Free
Offensive Security

CloakifyFactory

A blog post discussing the often overlooked dangers of CSV injection in applications.

Cobalt Strike Malleable C2 Design and Reference Guide
Free
Offensive Security

Cobalt Strike Malleable C2 Design and Reference Guide

A framework for testing and exploiting race conditions in software

Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite
Free
Offensive Security

Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite

A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.

Cobalt Strike's ExternalC2 framework
Free
Offensive Security

Cobalt Strike's ExternalC2 framework

Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.

Combatting Incident Responders with Apache mod_rewrite
Free
Offensive Security

Combatting Incident Responders with Apache mod_rewrite

A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.

Commix
Free
Offensive Security

Commix

Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.

Covert Red Team Attack Infrastructure
Free
Offensive Security

Covert Red Team Attack Infrastructure

A collection of resources for practicing penetration testing

tryharder
Free
Offensive Security

tryharder

A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.

Covenant
Free
Offensive Security

Covenant

A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.

CrackMapExec
Free
Offensive Security

CrackMapExec

A list of useful payloads and bypasses for Web Application Security.

CrackMapExec (CME)
Free
Offensive Security

CrackMapExec (CME)

Data exfiltration & infiltration tool using text-based steganography to evade security controls.

CredMaster
Free
Offensive Security

CredMaster

A full-featured reconnaissance framework for web-based reconnaissance with a modular design.

CrossC2
Free
Offensive Security

CrossC2

Check if a domain is in the Alexa or Cisco top one million domain list.

Previous 1 2 3 4 ... 12 Next