πŸ”’ Tools

PSRansom


PSRansom is a PowerShell Ransomware Simulator with C...

GitHubπŸ“„ How To

MobSF


Mobile Security Framework (MobSF) is an automated, a...

GitHubπŸ“„ How To

ADRT


In order to collaborate with the day-to-day tasks of...

GitHubπŸ“„ How To

WindapSearch


windapsearch is a Python script to help enumerate us...

GitHubπŸ“„ How To

PingCastle


Get Active Directory Security at 80% in 20% of the t...

Site

N E R V E


NERVE is a vulnerability scanner tailored to find lo...

GitHubπŸ“„ How To

IntelSpy


IntelSpy is a multi-threaded network intelligence to...

GitHubπŸ“„ How To

PywerView


As a pentester, I love using PowerView during my ass...

GitHubπŸ“„ How To

Crowbar


Crowbar (formally known as Levye) is a brute forcing...

GitHubπŸ“„ How To

MKBRUTUS


Some boxes running Mikrotik RouterOS (3.x or newer) ...

GitHubπŸ“„ How To

pemcracker


This tool is inspired by pemcrack by Robert Graham. ...

GitHubπŸ“„ How To

MimiPenguin


akes advantage of cleartext credentials in memory by...

GitHubπŸ“„ How To

phishery


Phishery is a Simple SSL Enabled HTTP server with th...

GitHubπŸ“„ How To

bap


bap is a webservice honeypot that logs HTTP basic au...

GitHubπŸ“„ How To

CeWL


Based on a discussion on PaulDotCom (episode 129) ab...

GitHubπŸ“„ How To

Cerbrutus


Modular brute force tool written in Python, for very...

GitHubπŸ“„ How To

Zphisher


Any actions and or activities related to Zphisher is...

GitHubπŸ“„ How To

RDCMan


RDCMan manages multiple remote desktop connections. ...

SiteπŸ“„ How To

MimiKatz


mimikatz is a tool Ive made to learn C and make some...

GitHubπŸ“„ How To

PyPhisher


Ultimate phishing tool in python. Includes popular w...

GitHubπŸ“„ How To

CredPhish


CredPhish is a PowerShell script designed to invoke ...

GitHubπŸ“„ How To

BruteShark


BruteShark is a Network Forensic Analysis Tool (NFAT...

Site

Steganography


Steganography applications conceal information in ot...

Site

Ghiro


Sometime forensic investigators need to process digi...

GitHubπŸ“„ How To

DeepSound


DeepSound is a steganography tool and audio converte...

Site

Cloakify


CloakifyFactory & the Cloakify Toolset - Data Exfilt...

GitHubπŸ“„ How To

HCONSTF


Hcon is the spirit of gaining & sharing knowledge. I...

Site

PentestBox


PenTestBox was developed entirely for Windows users ...

Site

SANDCAT


Sandcat Browser brings unique features that are usef...

Site

FuckShell


FuckShell is an open source tool that, when executed...

GitHubπŸ“„ How To

SPARTA


SPARTA is a python GUI application which simplifies ...

GitHubπŸ“„ How To

SpiderFoot


SpiderFoot is an open source intelligence (OSINT) au...

GitHubπŸ“„ How To

WATOBO


WATOBO – The WebApplication ToolBox is a PenTest too...

Site

WEEVELY


WEEVELY is a tool developed in Python that allows a ...

GitHubπŸ“„ How To

bettercap


bettercap is a powerful, easily extensible and porta...

GitHubπŸ“„ How To

WPForce


WPForce is a suite of Wordpress Attack tools. Curren...

GitHubπŸ“„ How To

TheFatRat


TheFatRat is an exploiting tool which compiles a mal...

GitHubπŸ“„ How To

CHAOS


CHAOS is a free and open-source Remote Administratio...

GitHubπŸ“„ How To

ASWCrypter


An Bash & Python Script For Generating Payloads that...

GitHubπŸ“„ How To

JSRat-Py


This is my implementation of JSRat.ps1 in Python so ...

GitHubπŸ“„ How To

BloodHound


BloodHound is a single page Javascript web applicati...

GitHubπŸ“„ How To

Kage


Kage (ka-geh) is a tool inspired by AhMyth designed ...

GitHubπŸ“„ How To

ReVBShell


ReVBSell is a project that provides a Server script ...

GitHubπŸ“„ How To

Bad-PDF


Bad-PDF create malicious PDF file to steal NTLM(NTLM...

GitHubπŸ“„ How To

Karkinos


This tool should be used on applications/networks th...

GitHubπŸ“„ How To

Reverse Shell


Hosted Reverse Shell generator with a ton of functio...

GitHubπŸ“„ How To

revshell gen


Standalone script written in Python 3 for generating...

GitHubπŸ“„ How To

Log4j Shell Poc


A Proof-Of-Concept for the recently found CVE-2021-4...

GitHubπŸ“„ How To

HoaxShell


hoaxshell is a Windows reverse shell payload generat...

GitHubπŸ“„ How To

Chimera


Chimera is a (shiny and very hack-ish) PowerShell ob...

GitHubπŸ“„ How To

DVWA


Damn Vulnerable Web Application (DVWA) is a PHP/MySQ...

GitHubπŸ“„ How To

bWAPP


bWAPP helps security enthusiasts, developers and stu...

SiteπŸ“„ How To

D-TECT


D-TECT is an All-In-One Tool for Penetration Testing...

GitHubπŸ“„ How To

Fake-AP


Fakeap is a script to perform Evil Twin Attack, by g...

GitHub

Wifite


This repo is a complete re-write of wifite, a Python...

GitHub

wifiphisher


Wifiphisher is a rogue Access Point framework for co...

GitHub

Fluxion


Fluxion is the Future of MITM WPA Attacks" It is a r...

GitHub

bluepot


Bluepot was a third year university project attempti...

GitHub

pixiewps


Pixiewps is a tool written in C used to bruteforce o...

GitHub

wifipumpkin3


wifipumpkin3 is powerful framework for rogue access ...

GitHub

darkdump


Darkdump is a simple script written in Python3.11 in...

GitHub

rang3r


rang3r is a python script build in Python 2.7 which ...

GitHub

grabcam


Grabcam is a bash based script which is officially m...

GitHub

Cam-Hackers


Here you will find a list of several cameras from ar...

GitHub

Mandic magiC


WiFi Magic, Internet for everyone. Access the Intern...

SiteπŸ“„ How To

WIRESEC


Wiresec is a script that organizes and performs the ...

GitHubπŸ“„ How To

JoomScan


OWASP Joomla! Vulnerability Scanner (JoomScan) is an...

GitHubπŸ“„ How To

Sucuri Security


The Sucuri Security WordPress plugin is free to all ...

SiteπŸ“„ How To

netsparker


Invicti is a web vulnerability management solution t...

SiteπŸ“„ How To

RIPS


RIPS is the most popular static code analysis tool t...

SiteπŸ“„ How To

graudit


graudit is a simple script and signature sets that a...

GitHubπŸ“„ How To

YASUO


Yasuo is a ruby script that scans for vulnerable 3rd...

GitHubπŸ“„ How To

XSSCRAPY


Fast, thorough, XSS/SQLi spider. Give it a URL and i...

GitHubπŸ“„ How To

INISCAN


The INISCAN tool was designed to assess whether the ...

SiteπŸ“„ How To

NodeJsScan


Static security code scanner (SAST) for Node.js appl...

GitHubπŸ“„ How To

WPSeku


WPSeku is a black box WordPress vulnerability scanne...

GitHubπŸ“„ How To

OpenVas


This is the OpenVAS Scanner of the Greenbone Communi...

GitHubπŸ“„ How To

Flan Scan


Flan Scan is a lightweight network vulnerability sca...

GitHubπŸ“„ How To

AutoPWN Suite


AutoPWN Suite is a project for scanning vulnerabilit...

GitHubπŸ“„ How To

Nikto


Nikto is an open source command line vulnerability s...

GitHubπŸ“„ How To

Nipper


Nipper (Network Infrastructure Parser) open source t...

SiteπŸ“„ How To

XSS Challenges


This repository is a dockerized php application cont...

GitHubπŸ“„ How To

Shodan


Shodan is the worlds first search engine for Interne...

SiteπŸ“„ How To

WhatWeb


WhatWeb identifies websites. Its goal is to answer t...

SiteπŸ“„ How To

Web Admin Finder


At Black list penetration testing, the hacker need t...

SiteπŸ“„ How To

weBreak


Webreak is a software designed to perform security a...

SiteπŸ“„ How To

theHarvester


theHarvester is a simple to use, yet powerful tool d...

GitHubπŸ“„ How To

goofile


Use this tool to search for a specific file type in ...

SiteπŸ“„ How To

Metagoofil


Metagoofil is an information gathering tool designed...

SiteπŸ“„ How To

Gateway-Finder


Gateway-finder is a scapy script that will help you ...

GitHubπŸ“„ How To

MASSCAN


This is an Internet-scale port scanner. It can scan ...

GitHubπŸ“„ How To

SAWEF


The purpose of this tool is to be a Swiss army knife...

GitHubπŸ“„ How To

GitMiner


Advanced search tool and automation in Github. This ...

GitHubπŸ“„ How To

dirsearch


Dirsearch is an excellent tool that has advanced fea...

GitHubπŸ“„ How To

HOPER


It shows all the hops that makes a url you specify t...

GitHubπŸ“„ How To

Robtex


Robtex is used for various kinds of research of IP n...

SiteπŸ“„ How To

HatCloud


HatCloud build in Ruby. It makes bypass in CloudFlar...

GitHubπŸ“„ How To

nWatch


nWatch is a handy tool for host discovery, portscann...

GitHubπŸ“„ How To

RED HAWK


All in one tool for Information Gathering and Vulner...

GitHubπŸ“„ How To

dnstwist


See what sort of trouble users can get in trying to ...

GitHubπŸ“„ How To

Seeker


Concept behind Seeker is simple, just like we host p...

GitHubπŸ“„ How To

BillCipher


nformation Gathering tool for a Website or IP addres...

GitHubπŸ“„ How To

DNSMaper


DNS Zone Transfer Test SubDomain BruteForce Banner V...

GitHubπŸ“„ How To

SubDomain Analyzer


The SubDomain Analyzer tool written in Python langua...

GitHubπŸ“„ How To

SiteBroker


A cross-platform python based utility for informatio...

GitHubπŸ“„ How To

UserRescon


Find usernames across over 75 social networks This i...

GitHubπŸ“„ How To

Shodan Eye


This tool collects all information about all devices...

GitHubπŸ“„ How To

Habu


I am developing Habu to teach (and learn) some conce...

GitHubπŸ“„ How To

SayCheese


Take webcam shots from target just sending a malicio...

GitHubπŸ“„ How To

TugaRecon


Tugarecon is a python tool designed to enumerate sub...

GitHubπŸ“„ How To

OKadminFinder


OKadminFinder is an Apache2 Licensed utility, rewrit...

GitHubπŸ“„ How To

Hakrawler


Fast golang web crawler for gathering URLs and JavaS...

GitHubπŸ“„ How To

Turbo Search


This is a search tool (brute-force style) based on a...

GitHubπŸ“„ How To

testssl


testssl.sh is a free command line tool which checks ...

GitHubπŸ“„ How To

MAP-Generator


Submit a URL to generate a node map of all of the re...

Site

adidnsdump


By default any user in Active Directory can enumerat...

GitHubπŸ“„ How To

LDAPDomainDump


ldapdomaindump is a tool which aims to solve this pr...

GitHubπŸ“„ How To

feroxbuster


feroxbuster is a tool designed to perform Forced Bro...

GitHubπŸ“„ How To

scilla


Information Gathering tool, DNS, Subdomains, Ports a...

GitHubπŸ“„ How To

CATPHISH


Generate similar-looking domains for phishing attack...

GitHubπŸ“„ How To

Digital Shadows


Digital Shadows provides access to the widest range ...

Site

SecurityTrails


Tap into a treasure-trove of cyber security gold for...

Site

FakeDataGen


FakeDataGen is a Full Valid Fake Data Generator. Thi...

GitHubπŸ“„ How To

Goblyn


Goblyn is a tool focused to enumeration and capture ...

GitHubπŸ“„ How To

sigurlfind3r


A passive reconnaissance tool for known URLs discove...

GitHubπŸ“„ How To

URL-Extractor


Bulk Da Cheker a free tool development and managed b...

SiteπŸ“„ How To

assetfinder


Find domains and subdomains potentially related to a...

GitHubπŸ“„ How To

balabolka


Balabolka is a Text-To-Speech (TTS) program. All com...

SiteπŸ“„ How To

BBOT


BBOT is a recursive, modular OSINT framework inspire...

GitHubπŸ“„ How To

GooFuzz


GooFuzz is a script written in Bash Scripting that u...

GitHubπŸ“„ How To

Contact