Modlishka. Reverse Proxy.

Next generation web scanner

An HTTP/HTTPS intercept proxy written in Go.

A Golang implant that uses Slack as a command and control server

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

A repository of tools for pentesting of restricted and isolated environments.

A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate

A MongoDB importer and API for Project Sonars DNS datasets

PENIOT: Penetration Testing Tool for IoT

Automated brute-forcing attack tool.

VULNRΞPO - Free vulnerability report generator and repository, security report maker, vulnerability report builder. Complete templates of issues, AES encryption, Nessus/Burp/OpenVAS issues import, Jira export, TXT/HTML/PDF report, attachments, automatic changelog and statistics, vulnerability assessment, vulnerability management.

Domain Seeker

Now Nothing to say

Sp00fer blog post -

IN THIS REPOSITORY YOU'LL SEE SOME OF THE ADVANCED COMMAND THAT YOU CAN TRY ON YOUR LINUX SYSTEM & DO YOUR WORK QUICKLY | I'LL BE ADD 10 COMMANDS DAILY SO STAY TUNED TO LEARN SOMETHING NEW

This is a practice tool developed to scan the port of the targetted machine, developed using the tutorial and guidance by TheCyberMentor Sir.

YASS (Yet Another Subdomainer Software) is a plugin-powered search engine based subdomainer.

SLAE x86 from Pentester Academy

Admin Page Finder

Injects a trusted types policy into an HTML page to log all DOM sinks whenever HTML is written into the DOM.

Penetration Testing Stack

DDoS Tools Write in Python

An helper for mobile applications analysis

Simple penetration testing tools for educational purposes. (not active here as before, will be back soon)