Stars
📚 Freely available programming books
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
A fast sub domain brute tool for pentesters
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
A VBA parser and emulation engine to analyze malicious macros.
Collection of things made during my OSCP journey
A collection of resources for Threat Hunters
Browser Extension Analysis Framework - Scan, Analyze Chrome, firefox and Brave extensions for vulnerabilities and intels
This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.
Python library for connecting to CertStream
Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.
Various Modules & Scripts for use with Viper Framework
Extension of sublister tool to check for subdomain takeovers
Automatically exported from code.google.com/p/bones7456
Google chrome extensions downloader coded in python
A Burp Suite Professional extension for decrypting/decoding various types of cookies.
This is a small Python3 script that allows you to search and download samples from Hybrid Analysis' v2 API
Using Cert Spotter API to grab subdomains from transparency logs to making Shodan Queries