bypass-url-parser

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

With EmailAnalyzer you can analyze your suspicious emails. You can extract headers, links and hashes from the .eml file

Python Based Crypter That Can Bypass Any Kinds Of Antivirus Products

Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy…

A tool for checking if MFA is enabled on multiple Microsoft Services

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks

A simple multi-threaded distributed SSH brute-forcing tool written in Python

Password list generator that focuses on keywords mutated by commonly used password creation patterns

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

CrackQL is a GraphQL password brute-force and fuzzing utility.

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews.

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

Google Dorking Cheat Sheet

Sandman is a NTP based backdoor for red team engagements in hardened networks.

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

ProtOSINT is a Python script that helps you investigate Protonmail accounts and ProtonVPN IP addresses

VLAN attacks toolkit

Wi-Fi Exploitation Framework

Multi-threaded URL enumeration/brute-forcing tool in Python.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

An OSINT tool to search for accounts by username in social networks.

Find way more from the Wayback Machine!