A collective list of free APIs

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites

🕵️‍♂️ Offensive Google framework.

Impacket is a collection of Python classes for working with network protocols.

Incredibly fast crawler designed for OSINT.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Fast subdomains enumeration tool for penetration testers

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

A swiss army knife for pentesting networks

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, …

Bluetooth Low Energy Swiss-army knife

Hacking tools pack & backdoors generator.

pwning IPv4 via IPv6

Drone pentesting framework console

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive …

Undetectable Windows Payload Generation

A pentest reporting tool written in Python. Free yourself from Microsoft Word.

Generates video game music using neural networks.

Information gathering (OSINT) on a person (EU)

A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE

Open source pre-operation C2 server based on python and powershell

Shellcode wrapper with encryption for multiple target languages

Network brute force tool, written in Python. Faster than other existing solutions (including the main leader in the network brute force market).

SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on a system.

🌯 Give me a web shell, I'll give you a terminal.

Python Obfuscator to generate One-Liners and FUD Payloads.