Free
Darkarmour
A scripting engine for interacting with GraphQL endpoints for pentesting purposes.
Offensive Security
Offensive security testing uncovers vulnerabilities through simulated attacks.
Try these 279 AI Offensive Security Tools
Free
DDE attack with PowerShell Empire
Open-source project for building instrumented environments to simulate attacks and test detections.
Free
Dendrobate
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
Free
DET (extensible) Data Exfiltration Toolkit
Sublist3r is a python tool for enumerating subdomains using OSINT and various search engines.
Free
Dirtyc0w Docker POC
A tool for Local File Inclusion (LFI) exploitation and scanning
Free
DiskShadow
Self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing.
Free
DNS Rebind Toolkit
A subdomain enumeration tool for penetration testers and security researchers.
Free
Docker HTTP API Emulator
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
Free
Domain Hunter
A lightweight, first-stage C2 implant written in Nim for remote access and control.
Free
Domain
Online Telegram bot for collecting information on individuals from various websites.
Free
Donut
A tool that finds more information about a given URL or domain by querying multiple data sources.
Free
domfind
A wargaming network for penetration testers to practice their skills in a realistic environment.
Free
dref
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
Free
dvcs-ripper
Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
Free
DueDLLigence
A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.
Free
DumpsterFire Toolset
Repository of tools for testing iPhone messaging by Project Zero
Free
Ebowla
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
Free
Empire Communication Profiles
A post-exploitation tool for pentesting Active Directory
Free
enum4linux-ng
A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.
Free
event-generator
A comprehensive .NET post-exploitation library designed for advanced security testing.
Free
Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts
A collection of tips and tricks for container and container orchestration hacking
Free
Evilginx2
A collection of Microsoft PowerShell modules for penetration testing purposes.
Free
Exploit-Challenges
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.