Antiddos System🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Rastrea2rCollecting & Hunting for IOCs with gusto and style
AndroidlibraryAndroid library to reveal or obfuscate strings and assets at runtime
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Web ShellsSome of the best web shells that you might need!
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
NebulousadNebulousAD automated credential auditing tool.
ExeinExein core for Linux based firmware
DnsbinThe request.bin of DNS request
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
NetpwnTool made to automate tasks of pentesting.
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
DiscordcryptEnd-To-End File & Message Encryption For Discord
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
HyugaHyuga 一个用来记录DNS查询和HTTP请求的监控工具。
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
DetexploitOSS Vulnerability Scanner for Windows Platform
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
AnsibleplaybooksA collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
ConsolemeA Central Control Plane for AWS Permissions and Access
Netsec Ps ScriptsCollection of PowerShell network security scripts for system administrators.
Cli🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
EncpipeThe dum^H^H^Hsimplest encryption tool in the world.
ApisecuritybestpracticesResources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
SilenttrinityAn asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
SwiftnessA note-taking macOS app for penetration-testers.
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Burp ExporterExporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Cloud Discovery Cloud Discovery provides a point in time enumeration of all the cloud native platform services
SipptsSet of tools to audit SIP based VoIP Systems
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
SojoboA binary analysis framework
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Bag Of HoldingAn application to assist in the organization and prioritization of software security activities.
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start