A comprehensive reconnaissance and vulnerability scanning tool that combines multiple security assessment capabilities into a single automated workflow.

Python 26 2 Updated Jun 24, 2025

microsoft / AI-Red-Teaming-Playground-Labs

AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.

TypeScript 1,711 253 Updated Oct 7, 2025

awesome-selfhosted / awesome-selfhosted

A list of Free Software network services and web applications which can be hosted on your own servers

256,604 11,844 Updated Nov 5, 2025

redhuntlabs / Awesome-Asset-Discovery

List of Awesome Asset Discovery Resources

2,241 365 Updated Jan 22, 2025

infosecn1nja / AD-Attack-Defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

4,737 1,086 Updated Jul 29, 2025

trickest / cve

Gather and update all available and newest CVEs with their PoC.

HTML 7,326 926 Updated Nov 5, 2025

jonaslejon / malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Python 3,532 461 Updated Jul 3, 2025

enaqx / awesome-pentest

A collection of awesome penetration testing resources, tools and other shiny things

24,318 4,658 Updated Jul 1, 2025

kaiiyer / awesome-vulnerable

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

1,208 194 Updated Jun 6, 2025

tomnomnom / anew

A tool for adding new lines to files, skipping duplicates

Go 1,586 174 Updated Jan 12, 2024

0xInfection / Awesome-WAF

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥

Python 6,956 1,119 Updated Aug 28, 2025

mandatoryprogrammer / xsshunter

The XSS Hunter service - a portable version of XSSHunter.com

JavaScript 1,535 305 Updated Dec 7, 2022

003random / getJS

A tool to fastly get all javascript sources/files

Go 836 115 Updated Jul 4, 2025

0xsha / GoLinkFinder

A fast and minimal JS endpoint extractor

Go 381 53 Updated Nov 10, 2024

lc / gau

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Go 4,645 501 Updated Jan 1, 2025

projectdiscovery / nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

JavaScript 11,291 3,128 Updated Nov 6, 2025

Karanxa / Bug-Bounty-Wordlists

A repository that includes all the important wordlists used while bug hunting.

1,348 352 Updated Mar 11, 2023

cybershujin / Threat-Actors-use-of-Artifical-Intelligence

271 26 Updated Aug 30, 2025

BushidoUK / Open-source-tools-for-CTI

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

739 124 Updated Oct 27, 2025

redcanaryco / atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

C 11,176 2,992 Updated Nov 6, 2025

pwndoc / pwndoc

Pentest Report Generator

JavaScript 2,669 483 Updated Aug 29, 2025

HolyBugx / HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

1,929 323 Updated Sep 5, 2021

MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

JavaScript 19,743 3,507 Updated Nov 5, 2025

utkusen / turkce-wordlist

Türk kullanıcıların parola seçimlerinin analizi için yapılmış bir çalışmadır

Python 825 244 Updated Sep 12, 2023

fastfire / deepdarkCTI

Collection of Cyber Threat Intelligence sources from the deep and dark web

6,249 1,049 Updated Nov 5, 2025

projectdiscovery / katana

A next-generation crawling and spidering framework.

Go 14,384 807 Updated Oct 27, 2025

Aziz Kartal kartalaziz

Organizations

Lists (6)

BugBounty

Cybersecurity Lists

Cybersecurity Tools

Golang

OSINT

Python

Starred repositories

Security

Python

Linux

JavaScript

HTML