Exploit Frameworks

Burp Suite Professional

The world's #1 web penetration testing toolkit.

A comprehensive platform for performing security testing of web applications.

View tool details →

Cobalt Strike

Adversary Simulations and Red Team Operations.

A commercial threat emulation tool for post-exploitation and advanced adversary simulation.

View tool details →

Wireshark

The world’s foremost and widely-used network protocol analyzer.

A fundamental tool for network analysis, troubleshooting, and security.

View tool details →

Metasploit Framework

The world's most used penetration testing framework.

An open-source platform for developing, testing, and executing exploit code against remote targets.

View tool details →

Kali Linux

The most advanced penetration testing distribution.

A Debian-based Linux distribution with a vast collection of pre-installed security tools.

View tool details →

Core Impact

Professional Pen Testing Tools: Guided Automation and Certified Exploits.

A commercial penetration testing tool for identifying and exploiting vulnerabilities across various vectors.

View tool details →

sqlmap

Automatic SQL injection and database takeover tool.

An open-source tool that automates detecting and exploiting SQL injection flaws.

View tool details →

Social-Engineer Toolkit (SET)

An open-source penetration testing framework designed for social engineering.

A Python-driven tool aimed at penetration testing around social engineering.

View tool details →

BeEF (Browser Exploitation Framework)

The Browser Exploitation Framework.

A penetration testing tool that focuses on the web browser.

View tool details →

PowerShell Empire

A post-exploitation framework.

A pure PowerShell post-exploitation agent, now merged with Python-based Empyre.

View tool details →

Scapy

A powerful interactive packet manipulation program.

A Python-based library and tool for low-level network packet manipulation.

View tool details →

Immunity CANVAS

The Premier Exploit Development Platform.

A commercial exploit development framework for penetration testers and security professionals.

View tool details →

Routersploit

Exploitation Framework for Embedded Devices.

An open-source framework dedicated to exploiting vulnerabilities in embedded devices.

View tool details →

Brute Ratel C4

A Customized Command and Control Center.

A commercial adversary emulation and red team framework.

View tool details →

Sliver

An open source cross-platform adversary emulation/red team framework.

A powerful open-source C2 framework developed by Bishop Fox.

View tool details →

Havoc

A modern and malleable post-exploitation command and control framework.

An open-source, modern, and malleable post-exploitation C2 framework.

View tool details →

Mythic

A collaborative, multi-platform, C2 framework.

A highly extensible, open-source C2 framework for red teams.

View tool details →

Covenant

A .NET command and control framework.

An open-source C2 framework that uses .NET and Blazor.

View tool details →

Nighthawk

An advanced C2 framework for red teaming.

A highly advanced, commercially available C2 framework focused on stealth and evasion.

View tool details →

Armitage

A graphical cyber attack management tool for Metasploit.

A GUI front-end for the Metasploit Framework for visualization and team collaboration.

View tool details →

Pocsuite3

An open-sourced remote vulnerability testing and proof-of-concept development framework.

An open-source framework for writing and testing proofs-of-concept (PoCs).

View tool details →

Exploit Pack

Your partner in cyber security.

An open-source and commercial exploit framework with a focus on exploit development.

View tool details →

Aircrack-ng

A complete suite of tools to assess WiFi network security.

A framework of tools for auditing and cracking wireless networks.

View tool details →