Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them sho…

Alphabetical list of free/public domain datasets with text data for use in Natural Language Processing (NLP)

Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading

Rotate your IAM Keys to be in compliance with security best practices

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A tool to restore a SQL Server backup file to AWS

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Detours with just single dependency - NTDLL

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

proxy poc implementation of STARTTLS stripping attacks

A curated list of CTF frameworks, libraries, resources and softwares

Some setup scripts for security research tools.

Linux privilege escalation auditing tool

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Automatic License Plate Recognition library

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

A script to generate wordlists out of wikipedia pages. Should support most of the subdomains. Some ugly code may occur

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

💬 Reverse Engineering Google's Speech To Text API (v2)

Framework for Man-In-The-Middle attacks

Net::TNS, a Ruby library for connecting to Oracle databases.

Collection of Proof of Concepts and Potential Targets for #ShellShocker

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

Command line application that allows to quickly start an ftp server without worrying about configuration. This makes it a handy tool to transfer files easily.