Lists (8)
Cloud Tools
Tools for cloud pentestingExternal Network Tools
Internal Network Tools
Linux Utilities
Useful tools for working within Linux OSReconnaissance Tools
Reporting
Stealth & Repudiation
Windows Utilities
Stars
MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdomain. The extensions UI popup highlights any misconfigurations…
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Oh my tmux! My self-contained, pretty & versatile tmux configuration made with 💛🩷💙🖤❤️🤍
Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
Dump Azure AD Connect credentials for Azure AD and Active Directory
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
mr-pmillz / ssh-audit
Forked from jtesta/ssh-auditSSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
AADInternals PowerShell module for administering Azure AD and Office 365
rvrsh3ll / gnmap-parser
Forked from jasonjfrank/gnmap-parserBash script to parse multiple Nmap (.gnmap) exports into various plain-text formats for easy analysis.
Style definitions for nice terminal layouts 👄
An ike-scan wrapper to simplify penetration testing IKE and encourage stronger IKE implementations.
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
Render markdown on the CLI, with pizzazz! 💅🏻
jless is a command-line JSON viewer designed for reading, exploring, and searching through JSON data.
A pure python tool for finding and comparing typo-squatting, bitsqatting, and homoglyph domain attacks and brand impersonation
Small, fast tool for performing reverse DNS lookups en masse.
A collection of handy Bash One-Liners and terminal tricks for data processing and Linux system maintenance.
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
The modern API client that lives in your terminal.
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with co…