Stars
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
Automatic SQL injection and database takeover tool
World's fastest and most advanced password recovery utility
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
E-mails, subdomains and names Harvester - OSINT
Directory/File, DNS and VHost busting tool written in Go
Exploitation Framework for Embedded Devices
dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
Incredibly fast crawler designed for OSINT.
Fast subdomains enumeration tool for penetration testers
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
🍯 T-Pot - The All In One Multi Honeypot Platform 🐝
Scripted Local Linux Enumeration & Privilege Escalation Checks
Rewrite of the popular wireless network auditor, "wifite"
Game Agent Framework. Helping you create AIs / Bots that learn to play any game you own!