#framework

Covenant on offsec.tools
Featured
Covenant

Collaborative C2 framework for red teamers.

SharpC2 on offsec.tools
SharpC2

Command and Control Framework written in C#.

evilgophish on offsec.tools
evilgophish

Combination of evilginx3 and GoPhish.

Empire on offsec.tools
Empire

Post-exploitation and adversary emulation framework that is used to aid Red Teams and pentesters.

Starkiller on offsec.tools
Starkiller

Starkiller is a frontend for Empire.

Caldera on offsec.tools
Caldera

Automated adversary emulation platform.

P4wnP1 A.L.O.A. on offsec.tools
P4wnP1 A.L.O.A.

Turn a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming or PE.

HardHat C2 on offsec.tools
HardHat C2

A cross-platform, collaborative, Command & Control framework.

badsecrets on offsec.tools
badsecrets

A library for detecting known secrets across many web frameworks.

The PenTesters Framework on offsec.tools
The PenTesters Framework

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Nimbo-C2 on offsec.tools
Nimbo-C2

Yet another (simple and lightweight) C2 framework.

Evilginx3 on offsec.tools
Evilginx3

Standalone MITM attack framework allowing for the bypass of 2-factor authentication.

bbrf on offsec.tools
bbrf

Help you coordinate your reconnaissance workflows across multiple devices.

CTFd on offsec.tools
CTFd

A Capture The Flag framework focusing on ease of use and customizability.

phpsploit on offsec.tools
phpsploit

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor.

PoshC2 on offsec.tools
PoshC2

A proxy aware C2 framework used to aid with post-exploitation and lateral movement.

R3C0Nizer on offsec.tools
R3C0Nizer

The first ever CLI based menu-driven web application B-Tier recon framework.

ScareCrow on offsec.tools
ScareCrow

Payload creation framework designed around EDR bypass.

WiFi-Pumpkin on offsec.tools
WiFi-Pumpkin

Framework for rogue Wi-Fi access point attack.

FiercePhish on offsec.tools
FiercePhish

Full-fledged phishing framework to manage all phishing engagements.

Samurai WTF on offsec.tools
Samurai WTF

The best security training environment for developers and AppSec professionals.

SimplyEmail on offsec.tools
SimplyEmail

Email recon made fast and easy, with a framework to build on.

PhoneInfoga on offsec.tools
PhoneInfoga

Information gathering framework for phone numbers.

Nosql-Exploitation-Framework on offsec.tools
Nosql-Exploitation-Framework

A Python Framework For NoSQL Scanning and Exploitation.

WiFi Exploitation Framework on offsec.tools
WiFi Exploitation Framework

WiFi exploitation framework.

wifiphisher on offsec.tools
wifiphisher

The rogue access point framework.

WebScarab on offsec.tools
WebScarab

Framework for analysing applications that communicate using the HTTP and HTTPS protocols.

jok3r on offsec.tools
jok3r

Network and Web Pentest Automation Framework.

Canvas on offsec.tools
Canvas

Assessment tool that allows penetration testing and hostile attack simulations.

Legion on offsec.tools
Legion

Aids in discovery, reconnaissance and exploitation of information systems.

DroneSploit on offsec.tools
DroneSploit

Drone pentesting framework console.

pown.js on offsec.tools
pown.js

Security testing and exploitation toolkit.

LazyHunter on offsec.tools
LazyHunter

A framework that provides a web UI to commonly used Bug Hunting/Pentesting tools.

wifipumpkin3 on offsec.tools
wifipumpkin3

Powerful framework for rogue access point attack.

AllAboutBugBounty on offsec.tools
AllAboutBugBounty

Bug Bounty notes gathered from various sources.

barq on offsec.tools
barq

The AWS Cloud Post Exploitation framework!

RouterSploit on offsec.tools
RouterSploit

Exploitation framework for embedded devices.

GraphQL Threat Matrix on offsec.tools
GraphQL Threat Matrix

Threat framework to research security gaps in GraphQL implementations.

Hackingtool on offsec.tools
Hackingtool

ALL IN ONE Hacking Tool For Hackers.

Arachni on offsec.tools
Arachni

Web Application Security Scanner Framework.

Sleepy Puppy on offsec.tools
Sleepy Puppy

Sleepy Puppy XSS Payload Management Framework.

XSSer on offsec.tools
XSSer

Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.

RacePWN on offsec.tools
RacePWN

Race Condition framework.

Wappalyzer on offsec.tools
Wappalyzer

Identify technology on websites.

brutesubs on offsec.tools
brutesubs

Automation framework for running multiple open sourced subdomain bruteforcing tools in parallel.

Maryam on offsec.tools
Maryam

Open-source Intelligence Framework.

The Social-Engineer Toolkit on offsec.tools
The Social-Engineer Toolkit

Open-source penetration testing framework designed for social engineering.

Maltego on offsec.tools
Maltego

Open source intelligence and forensics application.

BeEF on offsec.tools
BeEF

The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.

Recon-ng on offsec.tools
Recon-ng

OSINT tool aimed at reducing the time spent harvesting information from open sources.

Rengine on offsec.tools
Rengine

Automated reconnaissance framework for webapps, highly configurable streamlined recon process.

Metasploit on offsec.tools
Metasploit

The world’s most used penetration testing framework.

w3af on offsec.tools
w3af

Web Application Attack and Audit Framework.

Osmedeus on offsec.tools
Osmedeus

A Workflow Engine for Offensive Security

Jaeles on offsec.tools
Jaeles

The Swiss Army knife for automated Web Application Testing

ReconNess on offsec.tools
ReconNess

Continuous recon and pipeline tools setup.