Top-rated tools trusted by the cybersecurity community
smbclient-ng, a fast and user friendly way to interact with SMB shares.
Vulnetic Penetration Testing is an automated penetration testing platform that uses AI agents to conduct security assessments of web applications, APIs, and Active Directory environments. The platform performs vulnerability discovery and exploitation, testing for issues including authentication bypasses, injection flaws, cross-site scripting, server-side request forgery, and privilege escalation paths. The system conducts Active Directory assessments on networks with 500+ IP addresses, performing domain enumeration and identifying privilege escalation paths to domain admin. For web applications and APIs, the agents test for and exploit vulnerabilities rather than only flagging potential issues. The platform includes a reporting engine that generates evidence-backed penetration testing reports after assessments complete. Users can build custom penetration testing methodologies by defining tasks, setting parameters, and configuring how AI agents conduct tests. Vulnetic has identified and exploited vulnerabilities in production environments including stored XSS, SSRF exposing credentials, Active Directory misconfigurations like AS-REP roasting and Kerberoasting, broken access control, local file inclusion, and NTLM hash disclosure attacks. The platform operates on a credit-based pricing model with free credits available at signup, but also offers pro and enterprise licenses for heavy users.
A pentesting tool that exploits the default configuration of Windows to take over the default DNS server.
A collection of Azure AD/Entra tools for offensive and defensive security purposes
Find tools organized by testing methodology and use case
Videos, podcasts, and articles about penetration testing