The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

E-mails, subdomains and names Harvester - OSINT

Prowler is the Open Cloud Security for AWS, Azure, GCP, Kubernetes, M365 and more. As agent-less, it helps for continuous monitoring, security assessments & audits, incident response, compliance, h…

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

A fancy self-hosted monitoring tool

Hunt down social media accounts by username across social networks

Scan for misconfigured S3 buckets across S3-compatible APIs!

The recursive internet scanner for hackers. 🧡

Small and highly portable detection tests based on MITRE's ATT&CK.

Ahmia.fi - Hidden service search engine

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?

Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

📚 Freely available programming books

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

Automating situational awareness for cloud penetration tests.

The Network Execution Tool

A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🐬 Feature-rich, stable and customizable Flipper Firmware

Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science

Windows Exploit Suggester - Next Generation

🤖 The Modern Port Scanner 🤖

Continuous password spraying tool

Knock Subdomain Scan

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

A Python based ingestor for BloodHound

Lightweight, open-source control tool for ASUS laptops and ROG Ally. Manage performance modes, fans, GPU, battery, and RGB lighting across Zephyrus, Flow, TUF, Strix, Scar, and other models.

WifiForge is a tool developed by Black Hills InfoSec to help train Pentesters on different Wi-Fi attack vectors and Wireless capabilities.

Rapidly Search and Hunt through Windows Forensic Artefacts