Lists (18)
📱 Android
⚔️ APT
🔍 AV-Bypass
🔵 Blue Team
📝Code Analyzers
Static & dynamic analysisCore Programs
Really handy stuff I install on all computers🧷 Cracking
💥 Denial of Service
🍖 Exploitation
🚨 Forensics
🍯 Honey Pots
🔧 Miscelanous Tools
🧐 OSINT
🪝 Phising
🦴 Post-Exploitation
👁️ Recon
⚙️ Reverse Engineering
🔨 Software Development
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
Best and simplest tool for website change detection, web page monitoring, and website change alerts. Perfect for tracking content changes, price drops, restock alerts, and website defacement monito…
🕵️♂️ Collect a dossier on a person by username from thousands of sites
Android in docker solution with noVNC supported and video recording
Exploitation Framework for Embedded Devices
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
Fast and accurate AI powered file content types detection
📱 objection - runtime mobile exploration
Rewrite of the popular wireless network auditor, "wifite"
Open Source Vulnerability Management Platform
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/
Scanning APK file for URIs, endpoints & secrets.
The FLARE team's open-source tool to identify capabilities in executable files.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
An OSINT tool to search for accounts by username and email in social networks.
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
IntelOwl: manage your Threat Intelligence at scale
Continuously jam all wifi clients/routers
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.