Master programming by recreating your favorite technologies from scratch.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Metasploit Framework

Automatic SQL injection and database takeover tool

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

World's fastest and most advanced password recovery utility

Find secrets with Gitleaks 🔑

😱 A curated list of amazingly awesome OSINT

Find, verify, and analyze leaked credentials

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

E-mails, subdomains and names Harvester - OSINT

Most advanced XSS scanner.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

In-depth attack surface mapping and asset discovery

Web path scanner

💥 A curated list of Terminal frameworks, plugins & resources for CLI lovers.

Incredibly fast crawler designed for OSINT.

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

Nmap - the Network Mapper. Github mirror of official SVN repository.

hydra

Fast subdomains enumeration tool for penetration testers

Adversary Emulation Framework

OSINT Framework

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Attack Surface Management Platform

Multi-Cloud Security Auditing Tool

A curated list of amazingly awesome Home Assistant resources.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Collection of Cyber Threat Intelligence sources from the deep and dark web