This repository has some useful tools for the daily work of pentesters and red teamers.
Red team attack simulator in Python
An advanced penetration testing framework that automates the process of discovering and chaining vulnerabilities from reconnaissance to exploitation.
SQL-Injection-Scanner is a powerful, lightweight Python tool for detecting SQL injection vulnerabilities in web apps. It supports GET/POST methods, custom payloads, and proxy integration. Perfect for ethical hackers, bug bounty hunters, and developers to quickly identify and report injection flaws with accuracy, speed, and minimal setup.
🔍 Generate detection artifacts for FortiWeb authentication bypass vulnerabilities with this Python script to enhance your security testing.
It is an automated Python virtual machine escape payload skipping framework that helps security researchers discover viable payload variants under strict character blacklist restrictions.
Python script for offensive security conducts digital dumpster diving by exfiltrating all data from a Windows Recycle Bin.
A multi-threaded directory brute-forcer with intelligent throttling, retry logic and response fingerprinting.
A tool for create encoded payloads and test them on targets
XSS Finder is a Python-based tool designed to identify potential cross-site scripting (XSS) vulnerabilities on websites. It automates the process of scanning web applications for XSS flaws by sending payloads to various input points and analyzing responses. This tool is suitable for security professionals and developers looking to enhance their web
Curated List of my own Python based tools
A simple Python-based subdomain enumeration tool for recon.
Cybersecurity Home Lab for practicing Secure Network Management and Offensive Security
🎯 AI-Powered Reconnaissance Orchestrator for Penetration Testing
Escáner avanzado de adquisición de subdominios escrito en Python.
A tool to check for MAC addresses vendor
A tool for pen testers & red team operators to scan Banner Extensibility (Page Builder) for accessible pages
A powerful and modular PoC tool for CVE‑2025‑25257 in Fortinet FortiWeb, enabling reverse shell, encrypted data exfiltration, persistence, and cleanup capabilities.
PoCs and scripts for offensive security operations.
A powerful, modular tool for ethical hacking and red team simulations. Features advanced keylogging (for lab use), stealth PowerShell payloads, reverse shell execution, and Nmap-based network recon — all packaged for real-world adversarial emulation. Use responsibly.
Add a description, image, and links to the offensive-security topic page so that developers can more easily learn about it.
To associate your repository with the offensive-security topic, visit your repo's landing page and select "manage topics."