Display and control your Android device
Try searching for "database", "file", "API", or browse by category
335 Tools in InfoSec Tools
Verified
UEFITool
by LongSoft
UEFI firmware image viewer and editor
security
tool
4806
View Details
Featured
Trending
ghidra
by NationalSecurityAgency
Ghidra is a software reverse engineering (SRE) framework
disassembler
reverse-engineering
software-analysis
57261
View Details
Verified
toutatis
by megadose
Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more
information-gathering
instagram
instagram-scraper
2394
View Details
Verified
recon-ng
by lanmaster53
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
security
tool
4671
View Details
Verified
datasploit
by DataSploit
An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
security
tool
3115
View Details
Verified
image-match
by rhsimplex
🎇 Quickly search over billions of images
image-analysis
image-signatures
python
2964
View Details
Verified
ghauri
by r0oth3x49
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
security
tool
3528
View Details
Verified
NetExec
by Pennyw0rth
The Network Execution Tool
active-directory
hacking
infosec
4209
View Details
Verified
WinPwn
by S3cur3Th1sSh1t
Automation for internal Windows Penetrationtest / AD-Security
adsecurity
automation
exploitation
3489
View Details
uro
by s0md3v
declutters url lists for crawling/pentesting
security
tool
1372
View Details
dnsgen
by AlephNullSK
DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discovery and security assessments.
domains
osint
recon
976
View Details
lazyrecon
by nahamsec
This script is intended to automate your reconnaissance process in an organized fashion
security
tool
1969
View Details
Gxss
by KathanP19
A tool to check a bunch of URLs that contain reflecting params.
bugbounty
bugbounty-tool
golang
577
View Details
Jeeves
by ferreiraklet
Jeeves SQLI Finder
security
tool
217
View Details
bluepill
by season-lab
BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
debugger
malware
malware-analysis
125
View Details
Trending Security Tools
Trending
scrcpy
Trending
sherlock
Hunt down social media accounts by username across social networks
Trending
ghidra
Ghidra is a software reverse engineering (SRE) framework
Trending
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Trending
sqlmap
Automatic SQL injection and database takeover tool
Trending
dnSpy
.NET debugger and assembly editor
Trending
web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
Trending
nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Trending
gitleaks
Find secrets with Gitleaks 🔑
Trending
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Trending
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Trending
frida
Clone this repo to build Frida
Trending
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Trending
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Trending
impacket
Impacket is a collection of Python classes for working with network protocols.
Trending
katana
A next-generation crawling and spidering framework.
Trending
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Trending
amass
In-depth attack surface mapping and asset discovery
Trending
dex2jar
Tools to work with android .dex and java .class files
Trending
binwalk
Firmware Analysis Tool
Trending
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Trending
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Trending
subfinder
Fast passive subdomain enumeration tool.
Trending
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
Trending
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Trending
DVWA
Damn Vulnerable Web Application (DVWA)
Trending
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Trending
Sublist3r
Fast subdomains enumeration tool for penetration testers
Trending
BloodHound-Legacy
Six Degrees of Domain Admin
Trending
sliver
Adversary Emulation Framework
Trending
Sn1per
Attack Surface Management Platform
Trending
aws-vault
A vault for securely storing and accessing AWS credentials in development environments
Trending
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Trending
pwndbg
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Trending
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Trending
bbot
The recursive internet scanner for hackers. 🧡
Trending
objection
📱 objection - runtime mobile exploration
Trending
volatility
An advanced memory forensics framework
Trending
Havoc
The Havoc Framework
Trending
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Trending
WebGoat
WebGoat is a deliberately insecure application
Trending
ScoutSuite
Multi-Cloud Security Auditing Tool
Trending
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Trending
voltron
A hacky debugger UI for hackers
Trending
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
Trending
osmedeus
A Workflow Engine for Offensive Security
Trending
capa
The FLARE team's open-source tool to identify capabilities in executable files.
Trending
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Trending
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Trending
GhidraMCP
MCP Server for Ghidra
Trending
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
Trending
scrcpy
Display and control your Android device
Trending
sherlock
Hunt down social media accounts by username across social networks
Trending
ghidra
Ghidra is a software reverse engineering (SRE) framework
Trending
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Trending
sqlmap
Automatic SQL injection and database takeover tool
Trending
dnSpy
.NET debugger and assembly editor
Trending
web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
Trending
nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Trending
gitleaks
Find secrets with Gitleaks 🔑
Trending
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Trending
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Trending
frida
Clone this repo to build Frida
Trending
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Trending
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Trending
impacket
Impacket is a collection of Python classes for working with network protocols.
Trending
katana
A next-generation crawling and spidering framework.
Trending
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Trending
amass
In-depth attack surface mapping and asset discovery
Trending
dex2jar
Tools to work with android .dex and java .class files
Trending
binwalk
Firmware Analysis Tool
Trending
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Trending
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Trending
subfinder
Fast passive subdomain enumeration tool.
Trending
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
Trending
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Trending
DVWA
Damn Vulnerable Web Application (DVWA)
Trending
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Trending
Sublist3r
Fast subdomains enumeration tool for penetration testers
Trending
BloodHound-Legacy
Six Degrees of Domain Admin
Trending
sliver
Adversary Emulation Framework
Trending
Sn1per
Attack Surface Management Platform
Trending
aws-vault
A vault for securely storing and accessing AWS credentials in development environments
Trending
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Trending
pwndbg
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Trending
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Trending
bbot
The recursive internet scanner for hackers. 🧡
Trending
objection
📱 objection - runtime mobile exploration
Trending
volatility
An advanced memory forensics framework
Trending
Havoc
The Havoc Framework
Trending
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Trending
WebGoat
WebGoat is a deliberately insecure application
Trending
ScoutSuite
Multi-Cloud Security Auditing Tool
Trending
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Trending
voltron
A hacky debugger UI for hackers
Trending
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
Trending
osmedeus
A Workflow Engine for Offensive Security
Trending
capa
The FLARE team's open-source tool to identify capabilities in executable files.
Trending
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Trending
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Trending
GhidraMCP
MCP Server for Ghidra
Trending
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
Trending
scrcpy
Display and control your Android device
Trending
sherlock
Hunt down social media accounts by username across social networks
Trending
ghidra
Ghidra is a software reverse engineering (SRE) framework
Trending
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Trending
sqlmap
Automatic SQL injection and database takeover tool
Trending
dnSpy
.NET debugger and assembly editor
Trending
web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
Trending
nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Trending
gitleaks
Find secrets with Gitleaks 🔑
Trending
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Trending
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Trending
frida
Clone this repo to build Frida
Trending
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Trending
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Trending
impacket
Impacket is a collection of Python classes for working with network protocols.
Trending
katana
A next-generation crawling and spidering framework.
Trending
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Trending
amass
In-depth attack surface mapping and asset discovery
Trending
dex2jar
Tools to work with android .dex and java .class files
Trending
binwalk
Firmware Analysis Tool
Trending
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Trending
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Trending
subfinder
Fast passive subdomain enumeration tool.
Trending
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
Trending
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Trending
DVWA
Damn Vulnerable Web Application (DVWA)
Trending
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Trending
Sublist3r
Fast subdomains enumeration tool for penetration testers
Trending
BloodHound-Legacy
Six Degrees of Domain Admin
Trending
sliver
Adversary Emulation Framework
Trending
Sn1per
Attack Surface Management Platform
Trending
aws-vault
A vault for securely storing and accessing AWS credentials in development environments
Trending
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Trending
pwndbg
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Trending
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Trending
bbot
The recursive internet scanner for hackers. 🧡
Trending
objection
📱 objection - runtime mobile exploration
Trending
volatility
An advanced memory forensics framework
Trending
Havoc
The Havoc Framework
Trending
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Trending
WebGoat
WebGoat is a deliberately insecure application
Trending
ScoutSuite
Multi-Cloud Security Auditing Tool
Trending
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Trending
voltron
A hacky debugger UI for hackers
Trending
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
Trending
osmedeus
A Workflow Engine for Offensive Security
Trending
capa
The FLARE team's open-source tool to identify capabilities in executable files.
Trending
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Trending
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Trending
GhidraMCP
MCP Server for Ghidra
Trending
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
Trending
scrcpy
Display and control your Android device
Trending
sherlock
Hunt down social media accounts by username across social networks
Trending
ghidra
Ghidra is a software reverse engineering (SRE) framework
Trending
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Trending
sqlmap
Automatic SQL injection and database takeover tool
Trending
dnSpy
.NET debugger and assembly editor
Trending
web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
Trending
nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Trending
gitleaks
Find secrets with Gitleaks 🔑
Trending
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Trending
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Trending
frida
Clone this repo to build Frida
Trending
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Trending
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Trending
impacket
Impacket is a collection of Python classes for working with network protocols.
Trending
katana
A next-generation crawling and spidering framework.
Trending
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Trending
amass
In-depth attack surface mapping and asset discovery
Trending
dex2jar
Tools to work with android .dex and java .class files
Trending
binwalk
Firmware Analysis Tool
Trending
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Trending
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Trending
subfinder
Fast passive subdomain enumeration tool.
Trending
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
Trending
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Trending
DVWA
Damn Vulnerable Web Application (DVWA)
Trending
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Trending
Sublist3r
Fast subdomains enumeration tool for penetration testers
Trending
BloodHound-Legacy
Six Degrees of Domain Admin
Trending
sliver
Adversary Emulation Framework
Trending
Sn1per
Attack Surface Management Platform
Trending
aws-vault
A vault for securely storing and accessing AWS credentials in development environments
Trending
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Trending
pwndbg
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Trending
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Trending
bbot
The recursive internet scanner for hackers. 🧡
Trending
objection
📱 objection - runtime mobile exploration
Trending
volatility
An advanced memory forensics framework
Trending
Havoc
The Havoc Framework
Trending
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Trending
WebGoat
WebGoat is a deliberately insecure application
Trending
ScoutSuite
Multi-Cloud Security Auditing Tool
Trending
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Trending
voltron
A hacky debugger UI for hackers
Trending
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
Trending
osmedeus
A Workflow Engine for Offensive Security
Trending
capa
The FLARE team's open-source tool to identify capabilities in executable files.
Trending
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Trending
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Trending
GhidraMCP
MCP Server for Ghidra
Trending
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
Trending
scrcpy
Display and control your Android device
Trending
sherlock
Hunt down social media accounts by username across social networks
Trending
ghidra
Ghidra is a software reverse engineering (SRE) framework
Trending
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Trending
sqlmap
Automatic SQL injection and database takeover tool
Trending
dnSpy
.NET debugger and assembly editor
Trending
web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
Trending
nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Trending
gitleaks
Find secrets with Gitleaks 🔑
Trending
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Trending
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Trending
frida
Clone this repo to build Frida
Trending
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Trending
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Trending
impacket
Impacket is a collection of Python classes for working with network protocols.
Trending
katana
A next-generation crawling and spidering framework.
Trending
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Trending
amass
In-depth attack surface mapping and asset discovery
Trending
dex2jar
Tools to work with android .dex and java .class files
Trending
binwalk
Firmware Analysis Tool
Trending
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Trending
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Trending
subfinder
Fast passive subdomain enumeration tool.
Trending
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
Trending
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Trending
DVWA
Damn Vulnerable Web Application (DVWA)
Trending
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Trending
Sublist3r
Fast subdomains enumeration tool for penetration testers
Trending
BloodHound-Legacy
Six Degrees of Domain Admin
Trending
sliver
Adversary Emulation Framework
Trending
Sn1per
Attack Surface Management Platform
Trending
aws-vault
A vault for securely storing and accessing AWS credentials in development environments
Trending
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Trending
pwndbg
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Trending
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Trending
bbot
The recursive internet scanner for hackers. 🧡
Trending
objection
📱 objection - runtime mobile exploration
Trending
volatility
An advanced memory forensics framework
Trending
Havoc
The Havoc Framework
Trending
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Trending
WebGoat
WebGoat is a deliberately insecure application
Trending
ScoutSuite
Multi-Cloud Security Auditing Tool
Trending
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Trending
voltron
A hacky debugger UI for hackers
Trending
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
Trending
osmedeus
A Workflow Engine for Offensive Security
Trending
capa
The FLARE team's open-source tool to identify capabilities in executable files.
Trending
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Trending
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Trending
GhidraMCP
MCP Server for Ghidra
Trending
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
Trending
scrcpy
Display and control your Android device
Trending
sherlock
Hunt down social media accounts by username across social networks
Trending
ghidra
Ghidra is a software reverse engineering (SRE) framework
Trending
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Trending
sqlmap
Automatic SQL injection and database takeover tool
Trending
dnSpy
.NET debugger and assembly editor
Trending
web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
Trending
nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Trending
gitleaks
Find secrets with Gitleaks 🔑
Trending
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Trending
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Trending
frida
Clone this repo to build Frida
Trending
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Trending
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Trending
impacket
Impacket is a collection of Python classes for working with network protocols.
Trending
katana
A next-generation crawling and spidering framework.
Trending
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Trending
amass
In-depth attack surface mapping and asset discovery
Trending
dex2jar
Tools to work with android .dex and java .class files
Trending
binwalk
Firmware Analysis Tool
Trending
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Trending
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Trending
subfinder
Fast passive subdomain enumeration tool.
Trending
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
Trending
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Trending
DVWA
Damn Vulnerable Web Application (DVWA)
Trending
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Trending
Sublist3r
Fast subdomains enumeration tool for penetration testers
Trending
BloodHound-Legacy
Six Degrees of Domain Admin
Trending
sliver
Adversary Emulation Framework
Trending
Sn1per
Attack Surface Management Platform
Trending
aws-vault
A vault for securely storing and accessing AWS credentials in development environments
Trending
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Trending
pwndbg
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Trending
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Trending
bbot
The recursive internet scanner for hackers. 🧡
Trending
objection
📱 objection - runtime mobile exploration
Trending
volatility
An advanced memory forensics framework
Trending
Havoc
The Havoc Framework
Trending
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Trending
WebGoat
WebGoat is a deliberately insecure application
Trending
ScoutSuite
Multi-Cloud Security Auditing Tool
Trending
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Trending
voltron
A hacky debugger UI for hackers
Trending
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
Trending
osmedeus
A Workflow Engine for Offensive Security
Trending
capa
The FLARE team's open-source tool to identify capabilities in executable files.
Trending
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Trending
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Trending
GhidraMCP
MCP Server for Ghidra
Trending
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
Professional Growth
Infosec Certifications Resources
Discover the best cybersecurity certifications to advance your career
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
CRTP
OSCP+
OSWE
CRTO
CRTE
BSCP
Frequently Asked Questions about InfosecMania
Learn more about Cybersecurity Tools and how they can enhance your security posture
InfoSecMania is a comprehensive directory of cybersecurity tools and resources designed to help security professionals find the right tools for their needs.
You can submit a tool by clicking on the 'Submit Tool' link in the navigation menu and filling out the submission form with details about your tool.
Feel free to connect with us on LinkedIn, Discord, or just write to us at [email protected].
Tools are categorized based on their primary function, such as penetration testing, vulnerability assessment, network security, etc. Many tools may appear in multiple categories if they serve multiple purposes.
We only list tools and resources from publicly available, reputable sources — most of which are open-source and widely used in the cybersecurity community. However, always review and test tools in a safe, legal environment, like your lab or VM.
We actively monitor public repositories, GitHub, and community forums to keep our tool listings fresh. Many tools are auto-sourced from open-source feeds and security communities.