A unique technique to execute binaries from a password protected zip

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln

Identify hardcoded secrets and dangerous behaviours

Mining parameters from dark corners of Web Archives

Fast web fuzzer written in Go

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

a recon tool that allows searching on URLs that are exposed via shortener services

High speed/Low cost CommonCrawl RegExp in Node.js

SniperPhish - The Web-Email Spear Phishing Toolkit

decompiled pegasus_spyware

Starkiller is a Frontend for PowerShell Empire.

A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.

A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE

Gospider - Fast web spider written in Go

Search Google and download specific file types

RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

Image Payload Creating/Injecting tools

Notes about attacking Jenkins servers

Tool to scan for secret files on HTTP servers

A library that scrapes Linkedin for user data

DotDotPwn - The Directory Traversal Fuzzer

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.