Lists (31)
AD Tools 🏛️
Android Security 📱
AWS Security ☁️
Tools for improve AWS environments securityC2 🟥
Cloudflare WAF ☁️
Tools for audit and test Cloudflare WAFCode Analysis 👨🏻💻
Tools for analyzing codeCryptography-Encoding-Crackin🔐
Digital Forensic 🟦
Tools for performing digital forensicEmail Header Analyzer 📧
Tools for analyze emailsEvasion Tools 🟥
Tools for automated obfuscationFlipper Zero 🐬
Honeypots 🟦
ICS/SCADA Security 🔒
Tools for ICS/SCADAIncident Response 🟦
Tools for performing Incident ResponseInformation Gathering 🟥
Tools for enumerating target and gain information about targetsIoT PT 🟥
Tools for performing Internet of Things Penetration TestingM365 / Azure Security ☁️
Malware Analysis 🟦
Tools for performing Malware Analysis and SandboxesNetwork PT 🟥
Tools for performing network pentesting and packet craftingOSINT 🕵🏻
Tools for perfoming Open Source IntelligencePhishing 📦
Tools for performing phishingReports 📝
Tools for automated reportsSoftware Security
Steganography 🪄
Tools for performing steganographyWAF 🟦
Web Application PT 🟥
Tools for performing Web Application PTWiFi PT 🟥
Tools for performing WiFi Penetation TestingWindows Events Log 🟦
Tools for analyzing and parsing Windows Events LogWindows PT 🟥
Wordlists 📝
Tools for creating personalized wordlists and for mangling themYara 🟦
Tools for Yara rulesStars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Automatic SQL injection and database takeover tool
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Incredibly fast crawler designed for OSINT.
The recursive internet scanner for hackers. 🧡
A swiss army knife for pentesting networks
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
IntelOwl: manage your Threat Intelligence at scale
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
An XSS exploitation command-line interface and payload generator.
Generates millions of keyword-based password mutations in seconds.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
A fuzzer for detecting open redirect vulnerabilities
analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple formats.
DoSinator is a powerful Denial of Service (DoS) testing tool developed in Python.
The purpose of this tool is: 1. to transliterate and generate possible usernames out of a full names list that may include names written in multiple (non-English) languages, common problem occurrin…