Free
How to Write Malleable C2 Profiles for Cobalt Strike
Collection of vulnerable ARM binaries for beginner vulnerability researchers & exploit developers.
Offensive Security
Offensive security testing uncovers vulnerabilities through simulated attacks.
Try these 279 AI Offensive Security Tools
Free
idb
A guide to bypassing RFID card reader security mechanisms using specialized hardware
Free
Free
Industrial Exploitation Framework (ISF)
Weaponizing Kerberos protocol flaws for stealthy attacks on domain users.
Free
Industrial Security Exploitation Framework
A tool that simplifies the installation of tools and configuration for Kali Linux
Free
Injectus
A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.
Free
InlineWhispers
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Free
Insomniac Security External C2 Framework for Cobalt Strike
A tool that simplifies the installation of tools and configuration for Kali Linux
Free
IntruderPayloads
A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.
Free
InvisibilityCloak
A tool for Local File Inclusion (LFI) exploitation and scanning
Free
Joi Security
Python-based toolkit for network hacking with various implemented techniques and supported by Securetia SRL.
Free
Kali
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.
Free
Kamerka
Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.
Free
Kerberos Party Tricks
Cutting-edge open-source security tools for adversary simulation and threat hunting.
Free
Koadic
Tool for attacking Active Directory environments through SQL Server access.
Free
Kubesploit
A comprehensive .NET post-exploitation library designed for advanced security testing.
Free
Lab of a Penetration Tester: Week of Evading Microsoft ATA
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
Free
LaZagne Project
Self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing.
Free
LazyKali
A set of YARA rules for identifying files containing sensitive information
Free
Legion
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
Free
LFISuite
Interactive online malware sandbox for real-time analysis and threat intelligence
Free
libformatstr.py
The Proxmark III is a versatile device for sniffing, reading, and cloning RFID tags with strong community support.