Use cases:
Attack Surface Monitoring (ASM)
Automated Penetration Testing
Continuous Automated Red Teaming (CART)
Automated Vulnerability Scanning
Automated Threat Intelligence
OSINT Automation
Trickest for:
For Security Managment
For Enterprise Security
Resources
Blog
Stay up to date about new workflows and the offsec industry
Reports
See our research which you can exploit
Trickest CLI
Running workflows via terminal
X (Twitter) bot
Hack by posting on X
Comunity
Join our Discord group
Latest Blog
Company
About Us
Our story and approach
Careers
Join Trickest
Contact Us
Get in touch with our Sales or Support team
Legal
Legal information about Trickest
News
Trickest latest insights
Join our team
See how Private Agents empower organizations to scan internal environments on any device using Trickest's solutions, workflows, and modules.
Learn how to use Trickest to discover hundreds of assets vulnerable to a newly discovered security flaw.
Discover how Modules solve offensive security challenges with automatic updates, built-in scalability, and simplified inputs and outputs for enhanced workflow automation experience.
Uncover how IT asset discovery is the foundation for robust digital defense strategies, offering unprecedented visibility and control over your organization's digital landscape.
Trickest introduces updates for business users: Self-hosted machines, Private Docker registry, Private team script library, better user management, and our new data retention policy for community users.
Here’s what you need to know about two of the best prophylactic tactics in cybersecurity to distinguish them, as they might sound like they're the same thing.
Uncover the transformative approach to Kubernetes security. See how Trickest's workflows and open-source tools elevate your defense against these evolving threats.
Dive into the intricacies of XSS and CSRF attacks and discover strategies to shield your web applications against these vulnerabilities.
Introducing Private Tooling for your tailor-made workflows and Advanced Variables for dynamic workflows.
Discover Trickest's Community Edition for advanced cybersecurity orchestration. Platform Access is now open round-the-clock for all users. Join us in welcoming NahamSec to our advisory team.
Easily unearth and address thousands of GitHub leaks with open-source tools and workflows.
Explore key strategies to strengthen the security of your IIS server and protect your web applications. Learn about firewall configurations, automation, authentication, and more.
Learn how to uncover Adobe Experience Manager (AEM) vulnerabilities at scale using advanced scanning techniques.
Discover the new static IP feature for business users and seamless tool versioning for elevated workflow management.
Ever wondered about the complexities of a DNS takeover? Join us as we dive deep into this threat, the potential damage it can cause, and how you can leverage Trickest's automated workflows to ensure your website's security.
Join us in exploring effective 403 bypass methods and automating these techniques using Trickest workflows. These proven methods, found and fine-tuned during bug bounty hunting, empower you to bypass forbidden errors and gain access to hidden endpoints.
Detect critical Citrix ADC/NetScaler Gateway vulnerability CVE-2023-351 via Trickest workflow
Explore a user-friendly light theme and email & in-app notifications about workflows and tools.
Learn how you can use Trickest workflow methodology to parse around 15TB of GitHub logs and extract public details from all discovered users and repositories.
Explore how OpenAI and Trickest synergize to translate HackTricks content into multiple languages, pioneering AI-powered multilingual expansion.
Explore the power of cloud provider infrastructure mapping and learn how to build a highly efficient workflow from scratch
Discover how the Inventory 3.0 automated workflow is monitoring assets and discovering the attack surface of over 800 companies
Discover Trickest's dynamic new dashboard, Python scripting, and enhanced workflow editor features.
Uncover the story of how hundreds of SSRF (Server-Side Request Forgery) vulnerabilities were found while investigating methods to reveal the IP address of webpages protected by Cloudflare.
Discover how to automate the process of identifying open ports in your network with our workflow. Sign up for a free trial of Trickest automated workflows and optimize your security practices.
Learn how to create an IDOR testing workflow that will test GET requests with three different types of users and create a report with matching status codes and content length.
New Trickest technique to bypass Cloudflare and discover the original IP address of web servers running in AWS but hidden behind platforms such as Cloudflare, Incapsula, Sucuri, etc.
Learn how to enumerate cloud resources (AWS, Azure, GCP...) just by knowing the name of a company and improving the current Trickest workflow 'Inventory 2.0 - Cloud Assets'.
Learn how to generate subdomain permutations from an initial list of subdomains and brute force them to discover more subdomains.
Learn how to defend and prevent insider threats and related risks such us phishing attacks, data leakage, and credential leakage via automated workflow engine.
Learn what subdomain discovery is, the best techniques to do it, and how to create a Trickest workflow to automate the discovery of subdomains using the best techniques.
Learn how to automate your threat intelligence work with a Trickest workflow to your advantage and stay one step ahead of the competition.
Creating automation for hacking workflows is satisfying, but complex. In this article, hakluke creates basic recon and scanning automation with Trickest in less than 30 minutes, without writing any code or managing infrastructure!
In just a few steps, create your own recon and vulnerability scanner via Trickest and GitHub and find vulnerabilities and assets easier than ever.
Attack Surface Management is now a necessity for organizations large and small. The problem is, how do you pick the right solution? Read this article to find out.
Monitoring IT Infrastructure is difficult at the best of times, but it also ensures that you will get the most out of it. In this article, we cover 8 best practices for IT infrastructure monitoring.
Find out how to protect the containers in your infrastructure like an organism protects the cells within its body.
Log4shell has received a lot of research interest. Here we share our analysis of its many, many attack vectors
