Skip to content

Discover

Find tools for your stack. Pick an audience — we handle the noise.

Discover picks for Offensive & Pentesting

See all tools in Offensive & Pentesting →

On Hacker News

Ranked by discussion

tailscale

Healthy
1

The easiest, most secure way to use WireGuard and 2FA.

Open Source

CyberChef

Mixed

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Open Source

caddy

At Risk
1

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

Open Source

netbird

Mixed
1

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.

Open Source

pocketbase

Healthy
3

Open Source realtime backend in 1 file

Open Source

opensnitch

At Risk

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Open Source

pangolin

Healthy
0

Identity-aware VPN and proxy for remote access to anything, anywhere.

Open Source

Maigret

Mixed
0

♂ Collect a dossier on a person by username from 3000+ sites

Open Source

certificates

Mixed

A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Open Source

keycloak

Healthy
0

Open Source Identity and Access Management For Modern Applications and Services

Open Source

mitmproxy

Healthy
0

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Open Source

headscale

At Risk

An open source, self-hosted implementation of the Tailscale control server

Open Source

Trending now

See all →

  1. Prowler

    Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.

    Healthy
    4

  2. pentest-ai

    Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.

    Healthy
    3

  3. sysreptor

    A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

    Healthy
    1

  4. Recog

    Pattern recognition for hosts, services, and content

    Mixed
    1

  5. cyntrisec/cyntrisec-cli

    Local-first AWS security analyzer that discovers attack paths and generates remediations using graph theory.

    Healthy
    1

  6. Stratus Red Team | DataDog

    cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

    Healthy
    0

  7. Anubis

    Web AI firewall utility which protects upstream resources from scraper bots.

    At Risk

  8. jadx

    Dex to Java decompiler

    At Risk

  9. Lonkero

    Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.

    At Risk

  10. Amass

    In-depth attack surface mapping and asset discovery

    At Risk

  11. frida

    Clone this repo to build Frida

    Mixed

  12. NullSec Linux

    Security-focused Linux distribution with 140+ pre-installed forensic and offensive security tools, custom hardened kernel, and integrated incident response workflows.

    At Risk

Beta — feedback welcome: [email protected]