Starred repositories
Impacket is a collection of Python classes for working with network protocols.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
In-depth attack surface mapping and asset discovery
Fast passive subdomain enumeration tool.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
WebGoat is a deliberately insecure application
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Investigate malicious Windows logon by visualizing and analyzing Windows event log
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Everything about Web Application Firewalls (WAFs) from Security Standpoint! π₯
Six Degrees of Domain Admin
π Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
A little tool to play with Windows security
File upload vulnerability scanner and exploitation tool.
π A toolkit for testing, tweaking and cracking JSON Web Tokens
A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
Bloodhound Reporting for Blue and Purple Teams
A curated list of amazingly awesome Burp Extensions
List of Awesome Asset Discovery Resources
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
All the deals for InfoSec related software/tools this Black Friday
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.