Metasploit Framework

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

Next generation web scanner

The ultimate WinRM shell for hacking/pentesting

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

The best tool for finding one gadget RCE in libc.so.6

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!

Username tools for penetration testing

A tool for embedding XXE/XML exploits into different filetypes

一个主要用于信息搜集的工具集，主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

DarkAngel 是一款全自动白帽漏洞扫描器，从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。

各种工具指纹收集分享

Password Crack Framework

API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities

Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework

CMS Scanner Framework

Perform timing attacks against web applications

A simple remote scanner for Atlassian Jira

A ruby gem for defending against Server Side Request Forgery (SSRF) attacks