Stars
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Subdomain enumeration and information gathering tool
Automatically Launch Google Hacking Queries Against A Target Domain
Crawler (Bot) searching for credential leaks on paste sites.
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
A step-by-step tutorial for building a simple kernel
An Intelligent wordlist generator based on user profiling, permutations, and statistics. (Named after the same tool in Mr.Robot series S01E01)
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Arsenal is just a quick inventory and launcher for hacking programs
The new Windows Terminal and the original Windows console host, all in the same place!
Rich is a Python library for rich text and beautiful formatting in the terminal.
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Incredibly fast crawler designed for OSINT.
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Scanning APK file for URIs, endpoints & secrets.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
Faker is a Python package that generates fake data for you.
All Algorithms implemented in Python
Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield