In-depth DNS Enumeration and Network Mapping

A Tool for Domain Flyovers

Collaborative Penetration Test and Vulnerability Management Platform

Penetration Testing / OSCP Biggest Reference Bank / Cheatsheet

Misc tools for reversing, exploit and pentest

A collection of various awesome lists for hackers, pentesters and security researchers

A curated list of CTF frameworks, libraries, resources and softwares

Web application fuzzer

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SpiderFoot, the most complete OSINT collection and reconnaissance tool.

Discover your attack surface!

SimplE RePort wrIting and COllaboration tool

Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and we…

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

An extremely fast and flexible web fuzzer

A python script that finds endpoints in JavaScript files

Reconnaissance tool for GitHub organizations

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.

Official Black Hat Arsenal Security Tools Repository

Medusa is a speedy, parallel, and modular, login brute-forcer.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Automatically Launch Google Hacking Queries Against A Target Domain

This repository is to make life of the pentester easy as it is a collection of the websites that can be used by pentesters for day to day studies and to remain updated.

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible…

Second-order subdomain takeover scanner

Python 3.5+ DNS asynchronous brute force utility