Tools
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
A fast, multithreaded, ROP-gadget semantics analyzer.
Recognize CPU instructions in an arbitrary binary file
Stealing Signatures and Making One Invalid Signature at a Time
Patch PE, ELF, Mach-O binaries with shellcode. New version in development, available only to sponsors.
DLLirant is a tool to automate DLL hijacking research on a specified binary.
.NET/PowerShell/VBA Offensive Security Obfuscator
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
OpenGrok is a fast and usable source code search and cross reference engine, written in Java
macro_pack is a tool by @EmericNasi used to automate obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…
Sample configs showing how to colorize the output of nmap
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…
Fast and customizable subdomain wordlist generator using DSL
A tiling window manager for macOS based on binary space partitioning
Public Repo for Atomic Test Harness
An automatic unpacker and logger for files targeting the DotNet Framework
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security teste…
SIP Security Assessment Framework for VoIP Pentesters. Presented at DEFCON, BlackHat & Offzone.
Nightingale Docker for Pentesters is a comprehensive Dockerized environment tailored for penetration testing and vulnerability assessment. It comes preconfigured with all essential tools and utilit…
A collection of awesome penetration testing resources, tools and other shiny things
Nuclei Templates Collection
Directory/File, DNS and VHost busting tool written in Go
Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact