HackTricks Tools

$ security_tools --interactive

Security Assessment Tools

A collection of powerful, automated security analysis tools to help pentesters, bug bounty hunters, and security professionals identify vulnerabilities and misconfigurations in their targets.

Login Register
Discord logo

HackTricks Discord Server

Join the HackTricks Discord to stay up to date with technical security news summarized by AI, connect with the cybersecurity community, and get help around the HackTricks platforms.

Community AI Summaries Security News HackTricks
Open
Blue-CloudPEASS logo

Blue-CloudPEASS - Cloud IAM Security Auditor

Blue Team tool for auditing cloud security posture. Identifies risky IAM privileges, unused access, external trust relationships, and security misconfigurations across cloud platforms.

AWS Azure GCP IAM Audit Blue Team
Launch Tool
CloudPEASS logo

CloudPEASS - Blackbox Permission Scanner

Red Team tool for finding permissions and privilege escalation paths across AWS, Azure, and GCP. Enumerates permissions, identifies attack vectors, and suggests exploitation techniques.

AWS Azure GCP Privilege Escalation Red Team
Launch Tool
Domain audit logo

Domain & DNS Security Auditor

Comprehensive DNS security analysis including DNSSEC validation, SPF/DKIM/DMARC email security, HTTP security headers, CSP evaluation, SSL/TLS certificate analysis, and domain configuration checks.

DNS DNSSEC Email Security HTTP Headers CSP SSL/TLS
Launch Tool
Host Checker logo

Host Checker

Check IPs and domains against multiple threat intelligence sources to spot malicious infrastructure quickly.

Threat Intel IP Domain Malware
Launch Tool
Fact Checker logo

Fact Checker

A multi-agent verification workflow where AI verifiers research web sources, news, social networks, scientific papers, and patents, then deliberate structured voting rounds to produce a high-confidence yes/no verdict.

AI Agents OSINT Scientific Fact Check
Launch Tool
GitHub Leaks logo

GitHub Leaks Scanner

Scan GitHub repositories, organizations, and users for accidentally exposed secrets, API keys, tokens, and credentials using multiple powerful scanning tools.

GitHub Secrets API Keys Leakos Multi-Tool
Launch Tool
HackTricks AI logo

HackTricks AI Chatbot

Chat with an AI assistant powered by HackTricks knowledge base. Get instant answers to your security questions, pentesting techniques, and hacking methodologies.

AI Assistant Chatbot Knowledge Base Q&A
Open Chat
Malware World logo

Malware World

Detect potentially malicious hosts on the internet using 500+ blacklists. Check IPs, domains, and URLs against comprehensive threat databases.

Malware Detection Blacklists Threat Intel IP/Domain Check
Open Tool
NaxusAI logo

NaxusAI

LLM-powered, multi-agent analysis that reviews source code repositories to uncover vulnerabilities and security anti-patterns, including 0days, with actionable remediation guidance.

LLMs Agents Source Code Vulnerabilities
Open Tool