Extract subdomains from SSL certificates in HTTPS sites.

🔐 Docker Container for Penetration Testing & Security

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Hacking Toolkit

A tool to test security of json web token

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Yet Another PHP Shell - The most complete PHP reverse shell

A tool to automate penetration tests

Open Redirect Payloads

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

SSRF (Server Side Request Forgery) testing resources

Set of tools to audit SIP based VoIP Systems

A wrapper for Nmap to quickly run network scans

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

hydra

Testing TLS/SSL encryption anywhere on any port

MSDAT: Microsoft SQL Database Attacking Tool