HIDAAFPython - Human Interface Device Android Attack Framework
Cracker-ToolAll in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
certexfilExfiltration based on custom X509 certificates
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
OSCP-PrepContained is all my reference material for my OSCP preparation. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
kumasia./kumasia php simple backdoor
365-Stealer365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.
PowerexploitPost-Exploitation 😎 module for Penetration Tester and Hackers.
attack-surface-detector-zapThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
hackipyHacking, pen-testing, and cyber-security related tools built with Python.
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
behindflareThis tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
dark-lord-obamaAV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities
onedrive user enumonedrive user enumeration - pentest tool to enumerate valid onedrive users
brutasWordlists and passwords handcrafted with ♥
Damn-Vulnerable-BankDamn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
webapp-wordlistsThis repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
BeFreeWebsite Security, Antivirus & Firewall || a powerful application that can secure your website against hackers, attacks and other incidents of abuse
UbunterAn automated tool to turn your ubuntu machine into a hacking lab
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
oscp-omnibusA collection of resources I'm using while working toward the OSCP
ShellyAutomatic Reverse Shell Generator
ldap2jsonThe ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
d00rSimple directory brute-force tool written with python.
transportc2PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
BackToMeLittle tool made in python to create payloads for Linux, Windows and OSX with unique handler
ReverseShellDllC++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
ggtfobinsGet GTFOBins info about a given exploit from the command line
DumbDumain Bruteforcer - a fast and flexible domain bruteforcer
OWASP-Calculator🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
GoRATGoRAT (Go Remote Access Tool) is an extremely powerful reverse shell, file server, and control plane using HTTPS reverse tunnels as a transport mechanism.
OffensiveAutoItOffensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)
nozzlrNozzlr is a bruteforce framework, trully modular and script-friendly
x509sakX.509 Swiss Army Knife is a toolkit atop OpenSSL to ease generation of CAs and aid white-hat pentesting
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
smbauditPerform various SMB-related attacks, particularly useful for testing large Active Directory environments.
MITMsmtpMITMsmtp is an Evil SMTP Server for pentesting SMTP clients to catch login credentials and mails sent over plain or SSL encrypted connections.
xzfEXIF-based command and control PoC
haiti🔑 Hash type identifier (CLI & lib)
crackena fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust
MCPToolPentesting tool for Minecraft
AstraAstra is a tool to find URLs and secrets inside a webpage/files