The Offensive Manual Web Application Penetration Testing Framework.

Remote Desktop Protocol in Twisted Python

📡 A python program to create a fake AP and sniff data.

OSINT Tool: Generate username lists for companies on LinkedIn

Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

Undetectable Windows Payload Generation

⛔ offsec batteries included

A collection of common regular expressions bundled with an easy to use interface.

Binary analysis and management framework

Pop shells like a master.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Active Directory information dumper via LDAP

Subdomain enumeration tool

PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2

Exploits written by the Rhino Security Labs team

MSDAT: Microsoft SQL Database Attacking Tool

Email recon made fast and easy, with a framework to build on

Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.

Email addresses harvester

Web Content Discovery Tool

Tools for Kerberos PKINIT and relaying to AD CS

Python / C# Unmanaged PowerShell based RAT

Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)

application server attack toolkit

NTLMv1 Multitool

DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking

Search for potential frontable domains

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

VBA Obfuscation Tools combined with an MS office document generator