A new bootable USB solution.

Find secrets with Gitleaks 🔑

Find, verify, and analyze leaked credentials

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Clone this repo to build Frida

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

🤖 The Modern Port Scanner 🤖

Impacket is a collection of Python classes for working with network protocols.

Fast web fuzzer written in Go

Fast subdomains enumeration tool for penetration testers

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A swiss army knife for pentesting networks

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

⚓️ Easily test HTTP webhooks with this handy tool that displays requests instantly.

Scanning APK file for URIs, endpoints & secrets.

This repository contains the scanner component for Greenbone Community Edition.

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

A tool to dump the login password from the current linux user

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Unofficial Microsoft Teams for Linux client

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

A tool to perform Kerberos pre-auth bruteforcing

InSpec: Auditing and Testing Framework

ScareCrow - Payload creation framework designed around EDR bypass.

Pentest Report Generator

Fully featured and community-driven hacking environment

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.