Fetch many paths for many hosts - without killing the hosts

Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.

Network Infrastructure Penetration Testing Tool

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

Fast subdomains enumeration tool for penetration testers

Faster Nmap Scanning with Rust

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Tangalanga: the Zoom conference scanner hacking tool

Comprehensive Web Based Phishing Suite of Tools for Rapid Deployment and Real-Time Alerting!

a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

The Offensive Manual Web Application Penetration Testing Framework.

A stealthy, targeted Windows Loader for delivering second-stage payloads(shellcode) to the host machine undetected

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

Internet history forensics for Google Chrome/Chromium

#OSINT tool for finding Github repositories by extracting commit logs in real time from the Github event API

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset

.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.

Detect threats with log data and improve cloud security posture

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be…

Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDump() Shellcode

PoC to demonstrate how CLR ETW events can be tampered.

SMS/Email/Whatsapp bombers Collection 💣💣💣 💥