Security automation with n8n ideas: 100+ Red/Blue/AppSec workflows, integrations, and ready-to-run playbooks.

Android security guides, roadmap, docs, courses, write-ups, and teryaagh.

Mimikatz implementation in pure Python

Adversary Emulation Framework

Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality.

Get Subject Alt Name from SSL Certificates

A curated list of free courses with certifications. Also available at https://free-certifications.com/

API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).

Notes for taking the OSCP in 2097. Read in book form on GitBook

This is a collection of resources, scripts, bookmarks, writeups, notes, cheatsheets that will help you in OSCP Preparation as well as for general pentesting and learning. If you feel like you can c…

My own OSCP guide

In-depth attack surface mapping and asset discovery

OSCP Cheat Sheet

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

🔍 Search anyone's digital footprint across 300+ websites

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

The Havoc Framework

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Generates millions of keyword-based password mutations in seconds.

TheSprayer is a cross-platform tool designed to help penetration testers spray passwords against an Active Directory domain without locking out accounts.

Modlishka. Reverse Proxy.

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…

A little tool to play with Windows security

A list of free and open forensics analysis tools and other resources

Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).

OSWE, OSEP, OSED, OSEE