SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Google Chrome, Firefox, and Thunderbird extension that lets you write email in Markdown and render it before sending.

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

An evolving how-to guide for securing a Linux server.

A little tool to play with Windows security

🕵️‍♂️ Offensive Google framework.

Defund the Police.

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

an awesome list of honeypot resources

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

A curated list of tools for incident response

🍯 T-Pot - The All In One Multi Honeypot Platform 🐝

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Attack and defend active directory using modern post exploitation adversary tradecraft activity

PowerShell Obfuscator

Automation for internal Windows Penetrationtest / AD-Security

List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software.

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

Collection of awesome color schemes for Neo/vim, merged for quick use.

PowerShell functions and scripts (Azure, Active Directory, SCCM, SCSM, Exchange, O365, ...)

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

Modular and decentralised honeypot