Impacket is a collection of Python classes for working with network protocols.

Fast subdomains enumeration tool for penetration testers

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

Scanning APK file for URIs, endpoints & secrets.

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Fully featured and community-driven hacking environment

Stealing Signatures and Making One Invalid Signature at a Time

Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles

Extract credentials from lsass remotely

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.

Dumping DPAPI credz remotely

60k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒

Tools for Kerberos PKINIT and relaying to AD CS

Check for LDAP protections regarding the relay of NTLM authentication

Try to find the origin IP of a webapp protected by Cloudflare.

Python tool to Check running WebClient services on multiple targets based on @leechristensen

Frida Android utilities

Password spraying tool and Bloodhound integration

Automate dorking while doing bug bounty or other stuffs.

DPULSE - Tool for complex approach to domain OSINT

Local File Inclusion Exploitation Tool (mirror)

Python code for generating a signature for Json Web Tokens

Minimal framework for web automation using selenium & pyautogui

Tool to proxy sqlmap requests to a websocket server, with support for multiple threads.

Arvos Utility Tool for Vulnerability Tracing