Free
MSBuildAPICaller
A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.
Offensive Security
Offensive security testing uncovers vulnerabilities through simulated attacks.
Try these 279 AI Offensive Security Tools
Free
MTKPI
A tool that finds more information about a given URL or domain by querying multiple data sources.
Free
Mystikal
A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.
Free
Mythic
A tool for detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities
Free
NimPlant
Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.
Free
NomadBishop
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
Free
Nozzlr v1.1
A C#-based Command and Control Framework for remote access and control of compromised systems.
Free
NSBrute
Ophcrack is a free Windows password cracker based on rainbow tables with various features for password recovery.
Free
o365recon
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
Free
Obfuscapk
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
Free
o365-attack-toolkit
SharpEDRChecker scans system components to detect security products and tools.
Free
Offensive Docker
Online Telegram bot for collecting information on individuals from various websites.
Free
OfficePurge
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.
Free
OneGadget
A simple, fast web crawler for discovering endpoints and assets in a web application
Free
onemillion
A suite of tools for Wi-Fi network security assessment and penetration testing.
Free
OneFuzz
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Free
Ophcrack
Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.
Free
OWASP Amass
A collection of tips and tricks for container and container orchestration hacking
Free
OWASP OWTF
An open-source intelligence collection, research, and artifact management tool inspired by SpiderFoot, Harpoon, and DataSploit.
Free
ParrotSec
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.