1. Smbcrunch3 tools that work together to simplify reconaissance of Windows File Shares
2. Kali SetupScript for Kali that adds a bunch of tools and customizes it to be much better
3. FiercephishFiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
4. Uhoh365A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.
5. CredninjaA multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
6. CredSwissArmyDEPRECATED! LOOK AT CREDNINJA! A tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB
7. SharpStatC# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely
8. Recon-NG-API-Key-CreationOne of the biggest annoyances of using Recon-ng is getting everything set up to use it. So here I’ll outline the different API keys it can use and where to get them yourself.