SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

A swiss army knife for pentesting networks

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Windows Exploit Suggester - Next Generation

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

Arsenal is just a quick inventory and launcher for hacking programs

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

File upload vulnerability scanner and exploitation tool.

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

Run PowerShell command without invoking powershell.exe

Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!

Hackish way to intercept and modify non-HTTP protocols through Burp & others.

Medfusion 4000 security research & a MQX RCE.

PatrowlHears - Vulnerability Intelligence Center / Exploits

Android_Emuroot is a Python script that allows granting root privileges on the fly to shells running on Android virtual machines that use google-provided emulator images called Google API Playstore…

Audit and modify an Ubuntu system to satisfy CIS (Center for Internet Security) rules

A simple script to decrypt stored passwords from the Oracle SQL Developer IDE

Python script that converts Burp Suite HTTP proxy history files to CSV or HTML