Lists (31)
AD Tools 🏛️
Android Security 📱
AWS Security ☁️
Tools for improve AWS environments securityC2 🟥
Cloudflare WAF ☁️
Tools for audit and test Cloudflare WAFCode Analysis 👨🏻💻
Tools for analyzing codeCryptography-Encoding-Crackin🔐
Digital Forensic 🟦
Tools for performing digital forensicEmail Header Analyzer 📧
Tools for analyze emailsEvasion Tools 🟥
Tools for automated obfuscationFlipper Zero 🐬
Honeypots 🟦
ICS/SCADA Security 🔒
Tools for ICS/SCADAIncident Response 🟦
Tools for performing Incident ResponseInformation Gathering 🟥
Tools for enumerating target and gain information about targetsIoT PT 🟥
Tools for performing Internet of Things Penetration TestingM365 / Azure Security ☁️
Malware Analysis 🟦
Tools for performing Malware Analysis and SandboxesNetwork PT 🟥
Tools for performing network pentesting and packet craftingOSINT 🕵🏻
Tools for perfoming Open Source IntelligencePhishing 📦
Tools for performing phishingReports 📝
Tools for automated reportsSoftware Security
Steganography 🪄
Tools for performing steganographyWAF 🟦
Web Application PT 🟥
Tools for performing Web Application PTWiFi PT 🟥
Tools for performing WiFi Penetation TestingWindows Events Log 🟦
Tools for analyzing and parsing Windows Events LogWindows PT 🟥
Wordlists 📝
Tools for creating personalized wordlists and for mangling themYara 🟦
Tools for Yara rulesStars
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
🆕 The Multi-Tool Web Vulnerability Scanner.
Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat…
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
A curated list of resources related to Industrial Control System (ICS) security.
Azure Red Team tool for graphing Azure and Azure Active Directory objects
Web vulnerability scanner written in Python3
Automatically exported from code.google.com/p/fern-wifi-cracker
OSINT tool to find breached emails, databases, pastes, and relevant information
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Powerful Python tool to analyze PDF documents
An XSS exploitation command-line interface and payload generator.
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Generates millions of keyword-based password mutations in seconds.
Open Source Intelligence Interface for Deep Web Scraping
Burp Plugin to Bypass WAFs through the insertion of Junk Data
Automatic SSTI detection tool with interactive interface
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.