All Algorithms implemented in Python

The new Windows Terminal and the original Windows console host, all in the same place!

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Rich is a Python library for rich text and beautiful formatting in the terminal.

A new type of shell

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Faker is a Python package that generates fake data for you.

Web path scanner

Incredibly fast crawler designed for OSINT.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

Scanning APK file for URIs, endpoints & secrets.

Arsenal is just a quick inventory and launcher for hacking programs

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Fast, multi-protocol credential brute-forcer. Parses Nmap, Nessus, and Nexpose output to automatically test default and custom credentials across 28 protocols.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

记录自己编写、修改的部分工具

Subdomain enumeration tool

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

Python Tool that gives you the ability to run Advanced Google Queries (Known as Google Dorks - Google Dorking)

Mass scan IPs for vulnerable services

An Intelligent wordlist generator based on user profiling, permutations, and statistics. (Named after the same tool in Mr.Robot series S01E01)

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

Crawler (Bot) searching for credential leaks on paste sites.

Automatically Launch Google Hacking Queries Against A Target Domain

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

📱ᴘʜᴏɴᴇ ɴᴜᴍʙᴇʀ ʟᴏᴏᴋᴜᴘ📱