Stars
Nano is a family of PHP web shells which are code golfed for stealth.
GlobaLeaks is a free and open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.
Python script for trying default passwords for some TP-Link Hotspots
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Toolkit for Playing with Wi-Fi Probe Requests
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
A Cross Site Scripting scanner using selenium webdriver
OSINT Tool for Finding Passwords of Compromised Email Addresses
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
A modern, portable, easy to use crypto library.
This is a multi-use bash script for Linux systems to audit wireless networks.
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
PowerShell Script that generates a GUI/WinForms loaded with tons of functions
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Fetch many paths for many hosts - without killing the hosts
MCD's Black Jack is a password cracking tool for linux that cracks md5, sha1, sha256 and sha512 hashes. It uses the Dictionary bruteforcing method.
Perform advanced MiTM attacks on websites with ease 💉
Relational database brute force and post exploitation tool for MySQL and MSSQL