AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Interact with your documents using the power of GPT, 100% privately, no data leaks

get things from one computer to another, safely

Exploitation Framework for Embedded Devices

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

Py2/py3 script that can download macOS components direct from Apple

Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.

Dark Web OSINT Tool

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Create a USB Rubber Ducky like device using a Raspberry PI Pico

A Python based ingestor for BloodHound

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues i…

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Tool to scan for secret files on HTTP servers

BloodyAD is an Active Directory Privilege Escalation Framework

pwning IPv4 via IPv6

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Reverse proxies cheatsheet

❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

⛔ offsec batteries included

Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into account…

Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.