Interactive roadmaps, guides and other educational content to help developers grow in their careers.

OSINT Framework

OSINT Tool Selection Wizard attempt to use a guided approach that connects you to the perfect tools quickly. It serves beginners who feel overwhelmed by available tools and experienced professional…

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Common User Passwords Profiler (CUPP)

Powerline is a statusline plugin for vim, and provides statuslines and prompts for several other applications, including zsh, bash, tmux, IPython, Awesome and Qtile.

Customize your Bash Prompt by setting the PS1 variable.

Rewrite of the popular wireless network auditor, "wifite"

Socket over DNS tunnel

proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" fo…

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

Tool to find metadata and hidden information in the documents.

Ultimate Python study guide 🐍 🐍 🐍

An opinionated list of awesome Python frameworks, libraries, software and resources.

Dradis Framework: Collaboration and reporting for IT Security teams

Six Degrees of Domain Admin

A fully featured backdoor that uses Twitter as a C&C server

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means o…

This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/rem…

A WebSocket C2 Tool

Hunt for security weaknesses in Kubernetes clusters

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker conta…

Vulnerability Static Analysis for Containers

A vulnerability scanner for container images and filesystems

A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks

Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.