reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

HTML 8,357 1,282 Updated Nov 16, 2025

robinmoisson / staticrypt

Password protect a static HTML page, decrypted in-browser in JS with no dependency. No server logic needed.

HTML 7,567 469 Updated Jun 7, 2025

trickest / cve

Gather and update all available and newest CVEs with their PoC.

HTML 7,443 946 Updated Dec 17, 2025

microsoft / Security-101

8 Lessons, Kick-start Your Cybersecurity Learning.

HTML 5,964 788 Updated Nov 18, 2025

nisrulz / app-privacy-policy-generator

Generate a customized Privacy Policy and Terms of Use document for your mobile apps

HTML 4,408 441 Updated Dec 12, 2025

zan8in / afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

HTML 4,123 455 Updated Dec 17, 2025

0dayCTF / reverse-shell-generator

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

HTML 3,717 794 Updated Jun 14, 2025

AbirHasan2005 / ShellPhish

Modded version of shellphish. Mod Features are Colourized Text, Animations, In built setup for Termux, Extra features, More improvements, Bugs cleared, Fixed URL not showing.

HTML 1,155 201 Updated Dec 23, 2021

koutto / jok3r

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

HTML 1,070 254 Updated Jun 7, 2024

givanz / Vvveb

Powerful and easy to use cms to build websites, blogs or ecommerce stores.

HTML 933 167 Updated Oct 13, 2025

zaproxy / zap-extensions

ZAP Add-ons

HTML 906 757 Updated Dec 17, 2025

OhShINT / ohshint.gitbook.io

So what is this all about? Yep, its an OSINT blog and a collection of OSINT resources and tools. Suggestions for new OSINT resources is always welcomed.

HTML 883 91 Updated Aug 1, 2024

tuhin1729 / Bug-Bounty-Methodology

These are my checklists which I use during my hunting.

HTML 833 109 Updated Nov 30, 2023

hdks-bug / exploit-notes

Sticky notes for pentesting, bug bounty, CTF.

HTML 760 161 Updated Jul 28, 2025

maaaaz / androwarn

Yet another static code analyzer for malicious Android applications

HTML 516 161 Updated Jan 21, 2020

vysecurity / IPFuscator

IPFuscator - A tool to automatically generate alternative IP representations

HTML 400 59 Updated Jan 12, 2024

dr34mhacks / jwtauditor

JWT Auditor – Analyze, break, and understand your tokens like a pro.

HTML 303 49 Updated Jul 31, 2025

CyberCX-STA / PurpleOps

An open-source self-hosted purple team management web application.

HTML 295 51 Updated Dec 14, 2025

adeyosemanputra / pygoat

intentionally vuln web Application Security in django

HTML 292 1,152 Updated Oct 3, 2025

3ndG4me / KaliLists

Repo of all the default wordlists included in Kali. Convienent if you're using something other than Kali.

HTML 241 95 Updated Mar 29, 2022

codedx / codepulse

Code Pulse is a real-time code coverage tool for penetration testing activities

HTML 122 30 Updated Dec 7, 2022

sudo-flgr / OSINTKit-Brasil

OSINTKit Brasil é um repositório de favoritos para investigação e inteligência de fontes abertas, reunindo centenas de ferramentas, serviços e plataformas úteis — cuidadosamente categorizadas e pro…

HTML 95 14 Updated May 5, 2025

100security / dsf

Dork Search Files

HTML 13 4 Updated Feb 15, 2025

Matheus (DeaThKn1ght) Rocha ☠️ MathzRocha

Lists (2)

☠ - Ofensive Security

🔒 - Private

Starred repositories

wordlists

information-gathering

PowerShell

Python

Shell