Uncover the curses

Pandora's box

oecrDvsi ewn olots dna oecserusr aerdetl ot eht lwdor of cikganh nda grrnmogmpai.

Pandora.
Pandora.
  • cwe-tool

    A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration

    • Multi
  • httpx

    A fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library

    • Scanner
    • Web
  • dnsx

    A fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolver

    • DNS
    • Network
    • Scanner
    • Web
  • katana

    A next-generation crawling and spidering framework

    • Scanner
    • Web
  • Awesome-WAF

    Everything about web application firewalls (WAFs) from a security perspective

    • Web
  • IoTGoat

    A deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices

    • Hardware
  • HydraBus

    An open source multi-tool hardware for anyone interested in Learning/Developping/Debugging/Hacking/Penetration Testing for basic or advanced embedded hardware

    • Hardware
    • RFID
  • ROADtools

    A collection of Azure Entra ID tools for offensive and defensive security purposes

    • Azure
    • Cloud
    • M365
    • Scanner
  • MFASweep

    A tool for checking if MFA is enabled on multiple Microsoft Services

    • Azure
    • M365
    • Passwords
  • SeamlessPass

    A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

    • Azure
    • Cloud
    • Kerberos
    • M365
  • cwe-tool

    A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration

    • Multi
  • httpx

    A fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library

    • Scanner
    • Web
  • dnsx

    A fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolver

    • DNS
    • Network
    • Scanner
    • Web
  • katana

    A next-generation crawling and spidering framework

    • Scanner
    • Web
  • Awesome-WAF

    Everything about web application firewalls (WAFs) from a security perspective

    • Web
  • IoTGoat

    A deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices

    • Hardware
  • HydraBus

    An open source multi-tool hardware for anyone interested in Learning/Developping/Debugging/Hacking/Penetration Testing for basic or advanced embedded hardware

    • Hardware
    • RFID
  • ROADtools

    A collection of Azure Entra ID tools for offensive and defensive security purposes

    • Azure
    • Cloud
    • M365
    • Scanner
  • MFASweep

    A tool for checking if MFA is enabled on multiple Microsoft Services

    • Azure
    • M365
    • Passwords
  • SeamlessPass

    A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

    • Azure
    • Cloud
    • Kerberos
    • M365
  • cwe-tool

    A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration

    • Multi
  • httpx

    A fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library

    • Scanner
    • Web
  • dnsx

    A fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolver

    • DNS
    • Network
    • Scanner
    • Web
  • katana

    A next-generation crawling and spidering framework

    • Scanner
    • Web
  • Awesome-WAF

    Everything about web application firewalls (WAFs) from a security perspective

    • Web
  • IoTGoat

    A deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices

    • Hardware
  • HydraBus

    An open source multi-tool hardware for anyone interested in Learning/Developping/Debugging/Hacking/Penetration Testing for basic or advanced embedded hardware

    • Hardware
    • RFID
  • ROADtools

    A collection of Azure Entra ID tools for offensive and defensive security purposes

    • Azure
    • Cloud
    • M365
    • Scanner
  • MFASweep

    A tool for checking if MFA is enabled on multiple Microsoft Services

    • Azure
    • M365
    • Passwords
  • SeamlessPass

    A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

    • Azure
    • Cloud
    • Kerberos
    • M365
  • cwe-tool

    A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration

    • Multi
  • httpx

    A fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library

    • Scanner
    • Web
  • dnsx

    A fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolver

    • DNS
    • Network
    • Scanner
    • Web
  • katana

    A next-generation crawling and spidering framework

    • Scanner
    • Web
  • Awesome-WAF

    Everything about web application firewalls (WAFs) from a security perspective

    • Web
  • IoTGoat

    A deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices

    • Hardware
  • HydraBus

    An open source multi-tool hardware for anyone interested in Learning/Developping/Debugging/Hacking/Penetration Testing for basic or advanced embedded hardware

    • Hardware
    • RFID
  • ROADtools

    A collection of Azure Entra ID tools for offensive and defensive security purposes

    • Azure
    • Cloud
    • M365
    • Scanner
  • MFASweep

    A tool for checking if MFA is enabled on multiple Microsoft Services

    • Azure
    • M365
    • Passwords
  • SeamlessPass

    A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

    • Azure
    • Cloud
    • Kerberos
    • M365

What is this?

Pandora's box is an indispensable treasure trove, brimming with the tools and resources you will seek in the midst of a security assessment, as you delve into new technologies, or as you strive to bring your own projects to life.

Does it have an API?

Of course, the deities provide their sacred API, granting you the power to summon the curses you seek. They implore you, explore the swagger UI and uncover what awaits.

The Olympus Garden.

Discover the Olympus Garden

This section is not unlocked yet.

Statistics

  • Total curses: 514
  • Number of categories: 104
  • Last update: 18/07/2025

Contribute

Feel free to offer your own curses and ideas to Pandora's box. Let your creations join the chaos, for there are no limits to what may be unleashed.