Stars
Meterpreter Scripts that I'm working on
A (partial) Python rewriting of PowerSploit's PowerView
Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be r…
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Content discovery wordlists generated using BigQuery
Protect and discover secrets using Gitleaks 🔑
Accurately Locate Smartphones using Social Engineering
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Scan for misconfigured S3 buckets across S3-compatible APIs!
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
All about bug bounty (bypasses, payloads, and etc)
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
🔥 Web-application firewalls (WAFs) from security standpoint.
OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
A collection of custom security tools for quick needs.
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
Quickly discover exposed hosts on the internet using multiple search engines.
Go alternative of python SimpleHTTPServer
A curated list of various bug bounty tools