OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Okadminfinder3[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
HackbrowserdataDecrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
PerfusionExploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
SubscraperSubdomain enumeration through various techniques
Esp Rfid ToolA tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.
OverlordOverlord - Red Teaming Infrastructure Automation
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
offensive-docker-vpsCreate a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
ORtesterOpen Redirect scanner - (out of date)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
LiteOTPMulti OTP Spam Amp/Paralell threads
revshfuzzA tool for fuzzing for ports that allow outgoing connections
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
kumasia./kumasia php simple backdoor
uberscanSecurity program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
behindflareThis tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
transportc2PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
BifrostBifrost C2. Open-source post-exploitation using Discord API
DumbDumain Bruteforcer - a fast and flexible domain bruteforcer
volana🌒 Shell command obfuscation to avoid detection systems
FlashRoute🚀 Takes minutes to explore the topology of all routable /24 prefixes in IPv4 address space. Now supports IPv6 scan!
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
haiti🔑 Hash type identifier (CLI & lib)
crackena fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust
RPCScanTool to communicate with RPC services and check misconfigurations on NFS shares
LuciferA Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
ftpknocker🔑 ftpknocker is a multi-threaded scanner for finding anonymous FTP servers
reverieAutomated Pentest Tools Designed For Parrot Linux
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
WiCrackFiPython Script to help/automate the WiFi hacking exercises.
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
rustcatRustcat(rcat) - The modern Port listener and Reverse shell
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
phisherpriceAll In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.