Penetration testing framework that allows you to deliver and manage a payload to a victim's computer.Attackers can use Cobalt Strike to deploy advanced persistent threat (APT) attacks against your organization.
Automated product for testing unauthorized intrusions into the system. Core Impact is built on current research on vulnerabilities and cutting-edge security threats. Core Impact scans information systems for threats. With this program, you can evaluate your organization's IT security in the same way as an attacker.
Platform for testing, finding and exploiting vulnerabilities. It includes the Metasploit frameworks and their commercial counterparts: Metasploit Pro, Express, Community and Nexpose Ultimate.
Nexpose is a software for local deployment in corporate networks, designed to manage vulnerabilities and track vulnerabilities in real time.
Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. It can be used to inject shellcode into native Windows applications. Shellcode can be something you own or something generated by software platforms like Metasploit.
Professional development environment that provides a robust architecture for security applications and performance testing.
Exploit development environment. Get access to over 39,500 exploits, all zero days from our lab, post-exploitation modules, utilities, and up-to-date shellcodes.
Nighthawk is the most advanced and evasive command-and-control framework available on the market. Designed for lawful red team operations, Nighthawk empowers red teams by providing the benefits of a custom research and development facility.
The preferred toolkit for web security testers. Use it to automate repetitive testing tasks, then dig deeper with expert-designed manual and semi-automated security testing tools.
Brute Ratel comes prebuilt with several opsOpec features which can ease a Red Team’s task to focus more on the analytical part of an engagement instead of focusing or depending on Open source tools for post-exploitation. Brute Ratel is a post-exploitation C2 in the end and however does not provide exploit generation features like metasploit or vulnerability scanning features like Nessus, Acunetix or BurpSuite.
Performs automatic security control of web applications, identifying vulnerabilities in the protection of a website before they are detected and exploited by attackers.
Program for automatic search for known flaws in the protection of information systems. It is able to detect the most common types of vulnerabilities, such as: The presence of vulnerable versions of services or domains Errors in the configuration The presence of default, blank, or weak passwords.
A fully automatic web application security/security scanner (DAST, black box scanner, Web Application Security Scanner, Web Application Vulnerability Scanner) simulates attacks on hundreds and thousands of web applications and analyzes their reactions to identify vulnerabilities and security problems.
A powerful alternative to standalone software security testing tools.Analyzes application security automatically. The CxSAST module helps to identify development errors, CxIAST vulnerabilities, CxCodebashing teaches secure development, CxOSA analyzes Open Source components.
Fully [licensed] cleared version from the scaffold. + Modified arsenal kit from our team xCommunity ARSENAL (25/01/2024) - including all kits (Artifact, SleepMask, Mimikatz, etc)