Lists (31)
AD Tools 🏛️
Android Security 📱
AWS Security ☁️
Tools for improve AWS environments securityC2 🟥
Cloudflare WAF ☁️
Tools for audit and test Cloudflare WAFCode Analysis 👨🏻💻
Tools for analyzing codeCryptography-Encoding-Crackin🔐
Digital Forensic 🟦
Tools for performing digital forensicEmail Header Analyzer 📧
Tools for analyze emailsEvasion Tools 🟥
Tools for automated obfuscationFlipper Zero 🐬
Honeypots 🟦
ICS/SCADA Security 🔒
Tools for ICS/SCADAIncident Response 🟦
Tools for performing Incident ResponseInformation Gathering 🟥
Tools for enumerating target and gain information about targetsIoT PT 🟥
Tools for performing Internet of Things Penetration TestingM365 / Azure Security ☁️
Malware Analysis 🟦
Tools for performing Malware Analysis and SandboxesNetwork PT 🟥
Tools for performing network pentesting and packet craftingOSINT 🕵🏻
Tools for perfoming Open Source IntelligencePhishing 📦
Tools for performing phishingReports 📝
Tools for automated reportsSoftware Security
Steganography 🪄
Tools for performing steganographyWAF 🟦
Web Application PT 🟥
Tools for performing Web Application PTWiFi PT 🟥
Tools for performing WiFi Penetation TestingWindows Events Log 🟦
Tools for analyzing and parsing Windows Events LogWindows PT 🟥
Wordlists 📝
Tools for creating personalized wordlists and for mangling themYara 🟦
Tools for Yara rulesStars
😎 Awesome lists about all kinds of interesting topics
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Automatic SQL injection and database takeover tool
🕵️♂️ All-in-one OSINT tool for analysing any website
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
Information gathering framework for phone numbers
Incredibly fast crawler designed for OSINT.
The recursive internet scanner for hackers. 🧡
A swiss army knife for pentesting networks
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
Accurately Locate Smartphones using Social Engineering
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …
This is a multi-use bash script for Linux systems to audit wireless networks.
A fast, simple, recursive content discovery tool written in Rust.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A list of interesting payloads, tips and tricks for bug bounty hunters.
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Automate the creation of a lab environment complete with security tooling and logging best practices