In-depth attack surface mapping and asset discovery

cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not …

The Havoc Framework

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Fetch all the URLs that the Wayback Machine knows about for a domain

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Find domains and subdomains related to a given domain

A tool to perform Kerberos pre-auth bruteforcing

Take a list of domains and probe for working HTTP and HTTPS servers

Real-time HTTP Intrusion Detection

Subdomain Takeover tool written in Go

🐍 Manage and run your integration tests with efficiency - Venom run executors (script, HTTP Request, web, imap, etc... ) and assertions

Get GTFOBins info about a given exploit from the command line