Generate bootable macOS installer ISO or DMG images directly from Apple servers via GitHub Actions - no Mac required. Mac OS X 10.7 - macOS 26 Tahoe

Displays a flight directly above you in a fancy display

Template-Driven AV/EDR Evasion Framework

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

This program show you IMSI numbers of cellphones around you.

GsmEvil 2

EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation

tunnel port to port traffic over an obfuscated channel with AES-GCM encryption.

evilginx3 + gophish

UAC bypass by abusing RPC and debug objects.

Sandman is a NTP based backdoor for hardened networks.

File upload vulnerability scanner and exploitation tool.

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate re…

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!

Burp Suite Extension useful to verify OAUTHv2 and OpenID security

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

Android penetration testing tool for Kali linux

KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.

BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities