Skip to content

ARS3NAL v1.0.0

Choose a tag to compare

@inflictx inflictx released this 26 Jun 14:17

First stable release. ARS3NAL is an offline arsenal for pentesters and bug bounty hunters: payloads, click-to-build commands, GTFOBins, scripts, checklists, and one search across everything. Fully offline, RU/EN.

What's new in 1.0

📜 Scripts module

110 full, copy-paste-and-run pentest scripts (Python / Bash / JS / HTML PoC) across 27 categories: boolean / time / error / UNION blind SQLi extractors, JWT forging, SSRF & XXE OOB listeners, IDOR matrices, recon pipelines, cloud / k8s probes, CVE PoCs and more. Filterable by group and language, each with its dependencies, parameters and safety badges. RU and EN.

⭐ Favorites everywhere

Star any payload, command, GTFOBin, script or Burp page from its reader and find it all under Favorites.

🎯 Consistent target substitution

Set your target / LHOST once; {TARGET}/{LHOST}, the *_IP placeholders and example hosts now resolve the same way across Payloads and Commands.

💾 Safer backups

A backup now contains only your personal layer (custom entries, favorites, notes, checklist progress, engagements). Restoring no longer wipes the bundled reference content.

Plus a pass of UX and audit fixes

  • Copy buttons fixed on long, horizontally-scrolling code blocks.
  • Checklist payload suggestions reworked for better coverage and fewer duplicates.
  • Recon command builders, command-builder mode fixes, the command palette opens Scripts and Notes, and many smaller fixes throughout.

Live demo: https://inflictx.github.io/Arsenal/