Top-rated tools trusted by the cybersecurity community
A Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unwaf will check SPF records.
Enumeration/exploit/analysis/download/etc pentesting framework for GCP
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication.
Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Zero config, no daemon, no persistence - just a fast way in.
Find tools organized by testing methodology and use case
Videos, podcasts, and articles about penetration testing