Tools
π΄Red Team π΅ Blue Team π£Puple Team
Menu
menu
π Tools
π Knowledge
π‘ Training
π Books
π¬ YouTube Channels
π° Bug Bounty
π¦ Repositories
π¨ Report Error
π§ 100SECURITY
Tools
π Tools
Categories
130
All
48
Information Gathering
18
Vulnerability Analysis
9
Wireless Attacks
3
Web Applications
24
Exploitation Tools
0
Stress Testing
5
Forensic Tools
0
Sniffing & Spoofing
13
Password Cracking
0
Maintaining Access
0
Reverse Engineering
0
Hardware Hacking
6
Reporting Tools
0
IoT
2
Mobile
1
Ransomware
1
DeepWeb & Dark Web
Filter
Windows
Linux
macOS
Servers
Active Directory
PowerShell
Network
Wireless
Web
APIs
Domains
Cloud
OSINT
Passwords
Fake
Phishing
Android
iPhone
Forense
Files
Threat Intelligence
Vulnerability
PSRansom
PSRansom is a PowerShell Ransomware Simulator with C...
GitHub
π How To
MobSF
Mobile Security Framework (MobSF) is an automated, a...
GitHub
π How To
ADRT
In order to collaborate with the day-to-day tasks of...
GitHub
π How To
WindapSearch
windapsearch is a Python script to help enumerate us...
GitHub
π How To
PingCastle
Get Active Directory Security at 80% in 20% of the t...
Site
N E R V E
NERVE is a vulnerability scanner tailored to find lo...
GitHub
π How To
IntelSpy
IntelSpy is a multi-threaded network intelligence to...
GitHub
π How To
PywerView
As a pentester, I love using PowerView during my ass...
GitHub
π How To
Crowbar
Crowbar (formally known as Levye) is a brute forcing...
GitHub
π How To
MKBRUTUS
Some boxes running Mikrotik RouterOS (3.x or newer) ...
GitHub
π How To
pemcracker
This tool is inspired by pemcrack by Robert Graham. ...
GitHub
π How To
MimiPenguin
akes advantage of cleartext credentials in memory by...
GitHub
π How To
phishery
Phishery is a Simple SSL Enabled HTTP server with th...
GitHub
π How To
bap
bap is a webservice honeypot that logs HTTP basic au...
GitHub
π How To
CeWL
Based on a discussion on PaulDotCom (episode 129) ab...
GitHub
π How To
Cerbrutus
Modular brute force tool written in Python, for very...
GitHub
π How To
Zphisher
Any actions and or activities related to Zphisher is...
GitHub
π How To
RDCMan
RDCMan manages multiple remote desktop connections. ...
Site
π How To
MimiKatz
mimikatz is a tool Ive made to learn C and make some...
GitHub
π How To
PyPhisher
Ultimate phishing tool in python. Includes popular w...
GitHub
π How To
CredPhish
CredPhish is a PowerShell script designed to invoke ...
GitHub
π How To
BruteShark
BruteShark is a Network Forensic Analysis Tool (NFAT...
Site
Steganography
Steganography applications conceal information in ot...
Site
Ghiro
Sometime forensic investigators need to process digi...
GitHub
π How To
DeepSound
DeepSound is a steganography tool and audio converte...
Site
Cloakify
CloakifyFactory & the Cloakify Toolset - Data Exfilt...
GitHub
π How To
HCONSTF
Hcon is the spirit of gaining & sharing knowledge. I...
Site
PentestBox
PenTestBox was developed entirely for Windows users ...
Site
SANDCAT
Sandcat Browser brings unique features that are usef...
Site
FuckShell
FuckShell is an open source tool that, when executed...
GitHub
π How To
SPARTA
SPARTA is a python GUI application which simplifies ...
GitHub
π How To
SpiderFoot
SpiderFoot is an open source intelligence (OSINT) au...
GitHub
π How To
WATOBO
WATOBO β The WebApplication ToolBox is a PenTest too...
Site
WEEVELY
WEEVELY is a tool developed in Python that allows a ...
GitHub
π How To
bettercap
bettercap is a powerful, easily extensible and porta...
GitHub
π How To
WPForce
WPForce is a suite of Wordpress Attack tools. Curren...
GitHub
π How To
TheFatRat
TheFatRat is an exploiting tool which compiles a mal...
GitHub
π How To
CHAOS
CHAOS is a free and open-source Remote Administratio...
GitHub
π How To
ASWCrypter
An Bash & Python Script For Generating Payloads that...
GitHub
π How To
JSRat-Py
This is my implementation of JSRat.ps1 in Python so ...
GitHub
π How To
BloodHound
BloodHound is a single page Javascript web applicati...
GitHub
π How To
Kage
Kage (ka-geh) is a tool inspired by AhMyth designed ...
GitHub
π How To
ReVBShell
ReVBSell is a project that provides a Server script ...
GitHub
π How To
Bad-PDF
Bad-PDF create malicious PDF file to steal NTLM(NTLM...
GitHub
π How To
Karkinos
This tool should be used on applications/networks th...
GitHub
π How To
Reverse Shell
Hosted Reverse Shell generator with a ton of functio...
GitHub
π How To
revshell gen
Standalone script written in Python 3 for generating...
GitHub
π How To
Log4j Shell Poc
A Proof-Of-Concept for the recently found CVE-2021-4...
GitHub
π How To
HoaxShell
hoaxshell is a Windows reverse shell payload generat...
GitHub
π How To
Chimera
Chimera is a (shiny and very hack-ish) PowerShell ob...
GitHub
π How To
DVWA
Damn Vulnerable Web Application (DVWA) is a PHP/MySQ...
GitHub
π How To
bWAPP
bWAPP helps security enthusiasts, developers and stu...
Site
π How To
D-TECT
D-TECT is an All-In-One Tool for Penetration Testing...
GitHub
π How To
Fake-AP
Fakeap is a script to perform Evil Twin Attack, by g...
GitHub
Wifite
This repo is a complete re-write of wifite, a Python...
GitHub
wifiphisher
Wifiphisher is a rogue Access Point framework for co...
GitHub
Fluxion
Fluxion is the Future of MITM WPA Attacks" It is a r...
GitHub
bluepot
Bluepot was a third year university project attempti...
GitHub
pixiewps
Pixiewps is a tool written in C used to bruteforce o...
GitHub
wifipumpkin3
wifipumpkin3 is powerful framework for rogue access ...
GitHub
darkdump
Darkdump is a simple script written in Python3.11 in...
GitHub
rang3r
rang3r is a python script build in Python 2.7 which ...
GitHub
grabcam
Grabcam is a bash based script which is officially m...
GitHub
Cam-Hackers
Here you will find a list of several cameras from ar...
GitHub
Mandic magiC
WiFi Magic, Internet for everyone. Access the Intern...
Site
π How To
WIRESEC
Wiresec is a script that organizes and performs the ...
GitHub
π How To
JoomScan
OWASP Joomla! Vulnerability Scanner (JoomScan) is an...
GitHub
π How To
Sucuri Security
The Sucuri Security WordPress plugin is free to all ...
Site
π How To
netsparker
Invicti is a web vulnerability management solution t...
Site
π How To
RIPS
RIPS is the most popular static code analysis tool t...
Site
π How To
graudit
graudit is a simple script and signature sets that a...
GitHub
π How To
YASUO
Yasuo is a ruby script that scans for vulnerable 3rd...
GitHub
π How To
XSSCRAPY
Fast, thorough, XSS/SQLi spider. Give it a URL and i...
GitHub
π How To
INISCAN
The INISCAN tool was designed to assess whether the ...
Site
π How To
NodeJsScan
Static security code scanner (SAST) for Node.js appl...
GitHub
π How To
WPSeku
WPSeku is a black box WordPress vulnerability scanne...
GitHub
π How To
OpenVas
This is the OpenVAS Scanner of the Greenbone Communi...
GitHub
π How To
Flan Scan
Flan Scan is a lightweight network vulnerability sca...
GitHub
π How To
AutoPWN Suite
AutoPWN Suite is a project for scanning vulnerabilit...
GitHub
π How To
Nikto
Nikto is an open source command line vulnerability s...
GitHub
π How To
Nipper
Nipper (Network Infrastructure Parser) open source t...
Site
π How To
XSS Challenges
This repository is a dockerized php application cont...
GitHub
π How To
Shodan
Shodan is the worlds first search engine for Interne...
Site
π How To
WhatWeb
WhatWeb identifies websites. Its goal is to answer t...
Site
π How To
Web Admin Finder
At Black list penetration testing, the hacker need t...
Site
π How To
weBreak
Webreak is a software designed to perform security a...
Site
π How To
theHarvester
theHarvester is a simple to use, yet powerful tool d...
GitHub
π How To
goofile
Use this tool to search for a specific file type in ...
Site
π How To
Metagoofil
Metagoofil is an information gathering tool designed...
Site
π How To
Gateway-Finder
Gateway-finder is a scapy script that will help you ...
GitHub
π How To
MASSCAN
This is an Internet-scale port scanner. It can scan ...
GitHub
π How To
SAWEF
The purpose of this tool is to be a Swiss army knife...
GitHub
π How To
GitMiner
Advanced search tool and automation in Github. This ...
GitHub
π How To
dirsearch
Dirsearch is an excellent tool that has advanced fea...
GitHub
π How To
HOPER
It shows all the hops that makes a url you specify t...
GitHub
π How To
Robtex
Robtex is used for various kinds of research of IP n...
Site
π How To
HatCloud
HatCloud build in Ruby. It makes bypass in CloudFlar...
GitHub
π How To
nWatch
nWatch is a handy tool for host discovery, portscann...
GitHub
π How To
RED HAWK
All in one tool for Information Gathering and Vulner...
GitHub
π How To
dnstwist
See what sort of trouble users can get in trying to ...
GitHub
π How To
Seeker
Concept behind Seeker is simple, just like we host p...
GitHub
π How To
BillCipher
nformation Gathering tool for a Website or IP addres...
GitHub
π How To
DNSMaper
DNS Zone Transfer Test SubDomain BruteForce Banner V...
GitHub
π How To
SubDomain Analyzer
The SubDomain Analyzer tool written in Python langua...
GitHub
π How To
SiteBroker
A cross-platform python based utility for informatio...
GitHub
π How To
UserRescon
Find usernames across over 75 social networks This i...
GitHub
π How To
Shodan Eye
This tool collects all information about all devices...
GitHub
π How To
Habu
I am developing Habu to teach (and learn) some conce...
GitHub
π How To
SayCheese
Take webcam shots from target just sending a malicio...
GitHub
π How To
TugaRecon
Tugarecon is a python tool designed to enumerate sub...
GitHub
π How To
OKadminFinder
OKadminFinder is an Apache2 Licensed utility, rewrit...
GitHub
π How To
Hakrawler
Fast golang web crawler for gathering URLs and JavaS...
GitHub
π How To
Turbo Search
This is a search tool (brute-force style) based on a...
GitHub
π How To
testssl
testssl.sh is a free command line tool which checks ...
GitHub
π How To
MAP-Generator
Submit a URL to generate a node map of all of the re...
Site
adidnsdump
By default any user in Active Directory can enumerat...
GitHub
π How To
LDAPDomainDump
ldapdomaindump is a tool which aims to solve this pr...
GitHub
π How To
feroxbuster
feroxbuster is a tool designed to perform Forced Bro...
GitHub
π How To
scilla
Information Gathering tool, DNS, Subdomains, Ports a...
GitHub
π How To
CATPHISH
Generate similar-looking domains for phishing attack...
GitHub
π How To
Digital Shadows
Digital Shadows provides access to the widest range ...
Site
SecurityTrails
Tap into a treasure-trove of cyber security gold for...
Site
FakeDataGen
FakeDataGen is a Full Valid Fake Data Generator. Thi...
GitHub
π How To
Goblyn
Goblyn is a tool focused to enumeration and capture ...
GitHub
π How To
sigurlfind3r
A passive reconnaissance tool for known URLs discove...
GitHub
π How To
URL-Extractor
Bulk Da Cheker a free tool development and managed b...
Site
π How To
assetfinder
Find domains and subdomains potentially related to a...
GitHub
π How To
balabolka
Balabolka is a Text-To-Speech (TTS) program. All com...
Site
π How To
BBOT
BBOT is a recursive, modular OSINT framework inspire...
GitHub
π How To
GooFuzz
GooFuzz is a script written in Bash Scripting that u...
GitHub
π How To
Contact