Exploitation Tools

997 tools
fencer
fencer
Open Source Exploitation Web Application

Automated API security testing
ffufPostprocessing
ffufPostprocessing
Free Exploitation

Golang tool which helps dropping the irrelevant entries from your ffuf result file.
fileless-elf-exec
fileless-elf-exec
Open Source Exploitation

Execute ELF files without dropping them on disk
find-gh-poc
find-gh-poc
Open Source Exploitation

Find-gh-poc …
firewall-java
firewall-java
Free Exploitation

Zen protects your Java app against attacks with one line of code. Get peace of mind— at runtime.
firewall-node
firewall-node
Free Exploitation

Zen protects your Node app against attacks with one line of code. Get peace of mind— at runtime.
flashingestor
flashingestor
Open Source Exploitation Post-Exploitation

A TUI for Active Directory collection.
flawz
flawz
Open Source Exploitation

A Terminal UI for browsing security vulnerabilities (CVEs)
FlowAnalyzer
FlowAnalyzer
Open Source Exploitation

FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
fluffy-barnacle
fluffy-barnacle
Open Source Exploitation

Disposable, ephemeral network infrastructure powered by GitHub Codespaces.
fluxion
fluxion
Free Exploitation Scanning & Enumeration

Unified Vulnerability Intelligence Platform
fofa_viewer
fofa_viewer
Open Source Exploitation

A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.
fofaEX
fofaEX
Open Source Exploitation

FOFA EX 是一款基于fofa api(也可导入鹰图、夸克文件)实现的红队综合利用工具,可基于模板把工具作为插件进行集成,自动化进行资产探测,目前提供的插件功能如下:探活、 nuclei 模板扫描、IP反查域名、域名反查 ICP 备案、dismap 指纹扫描
FofaMap
FofaMap
Open Source Exploitation Scanning & Enumeration

FofaMap v2.0 是一款基于 Python3 开发的全网首个 AI 驱动红队资产测绘智能体。在延续原有 FOFA 数据采集、存活检测、统计聚合、图标 Hash 及批量查询等核心功能的基础上,2.0 版本原生支持 MCP 协议,可无缝接入 Cursor、Claude 等 A…
ForceAdmin
ForceAdmin
Open Source Exploitation Post-Exploitation

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
Fortigate
Fortigate
Open Source Exploitation

Extract Useful info from SSL VPN Directory Traversal Vulnerability (FG-IR-18-384)
frieren
frieren
Free Exploitation Wireless

Frieren is a micro-framework designed for use in routers and Single Board Computers (SBCs). This framework is built to be lightweight, effic…
fsociety
fsociety
Open Source Exploitation Post-Exploitation

fsociety Hacking Tools Pack – A Penetration Testing Framework
fusee-nano
fusee-nano
Open Source Exploitation

A minimalist re-implementation of the Fusée Gelée exploit, designed to run on embedded Linux devices. (Zero dependencies)
fuxploider
fuxploider
Open Source Exploitation Scanning & Enumeration

File upload vulnerability scanner and exploitation tool.
fuzz
fuzz
Free Exploitation Scanning & Enumeration

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Galaxy-Bugbounty-Checklist
Galaxy-Bugbounty-Checklist
Free Exploitation

Tips and Tutorials for Bug Bounty and also Penetration Tests.
gamehacking-cheatsheet
gamehacking-cheatsheet
Open Source Exploitation Reverse Engineering

Comprehensive Game Hacking Cheat Sheet for security researchers, reverse engineers, and CTF participants. Covers memory analysis, anti-cheat…
GarudRecon
GarudRecon
Open Source Exploitation Reconnaissance

GarudRecon automates domain recon with top open-source tools to discover assets, enumerate subdomains, and detect XSS, SQLi, LFI, RCE & more…