Lists (31)
AD Tools 🏛️
Android Security 📱
AWS Security ☁️
Tools for improve AWS environments securityC2 🟥
Cloudflare WAF ☁️
Tools for audit and test Cloudflare WAFCode Analysis 👨🏻💻
Tools for analyzing codeCryptography-Encoding-Crackin🔐
Digital Forensic 🟦
Tools for performing digital forensicEmail Header Analyzer 📧
Tools for analyze emailsEvasion Tools 🟥
Tools for automated obfuscationFlipper Zero 🐬
Honeypots 🟦
ICS/SCADA Security 🔒
Tools for ICS/SCADAIncident Response 🟦
Tools for performing Incident ResponseInformation Gathering 🟥
Tools for enumerating target and gain information about targetsIoT PT 🟥
Tools for performing Internet of Things Penetration TestingM365 / Azure Security ☁️
Malware Analysis 🟦
Tools for performing Malware Analysis and SandboxesNetwork PT 🟥
Tools for performing network pentesting and packet craftingOSINT 🕵🏻
Tools for perfoming Open Source IntelligencePhishing 📦
Tools for performing phishingReports 📝
Tools for automated reportsSoftware Security
Steganography 🪄
Tools for performing steganographyWAF 🟦
Web Application PT 🟥
Tools for performing Web Application PTWiFi PT 🟥
Tools for performing WiFi Penetation TestingWindows Events Log 🟦
Tools for analyzing and parsing Windows Events LogWindows PT 🟥
Wordlists 📝
Tools for creating personalized wordlists and for mangling themYara 🟦
Tools for Yara rulesStars
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Noriben - Portable, Simple, Malware Analysis Sandbox
Enumerate the permissions associated with AWS credential set
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Search WiFi geolocation data by BSSID and SSID on different public databases.
Tool to search secrets in various filetypes.
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
Username enumeration and password spraying tool aimed at Microsoft O365.
Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azur…
HomePwn - Swiss Army Knife for Pentesting of IoT Devices
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
AzureGoat : A Damn Vulnerable Azure Infrastructure
A fuzzer for detecting open redirect vulnerabilities
A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Browser Extension Analysis Framework - Scan, Analyze Chrome, firefox and Brave extensions for vulnerabilities and intels
A basic tool to check security headers of a website
A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering a…
BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more c…
analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple formats.
A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning
The Ultimate URL Masking Tool - An open-source URL masking tool designed to help you Hide Phishing URLs and make them look legit using social engineering techniques.