PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

Hash cracker

JAWS - Just Another Windows (Enum) Script

Know the dangers of credential reuse attacks.

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Created by Jeffrey Martin via the GitHub Connector

Create agents that monitor and act on your behalf. Your agents are standing by!

Nikto web server scanner

WAF Cookie Fetcher is a Burp Suite extension written in Python, which uses a headless browser to obtain the values of WAF-injected cookies which are calculated in the browser by client-side JavaScr…

Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)

builds database/visualizations of LAN structure from passively sifted information

😱 A curated list of amazingly awesome OSINT

A collection of cheatsheets for various infosec tools and topics.

SSH User Enumeration Script in Python Using The Timing Attack

A simple Python script to exploit the OpenSSH User Enumeration Timing Attack.

Advanced vulnerability scanning with Nmap NSE

Stuff for OSCP

Metasploit Framework

A scanning tool for the ShellShock bash vulnerability

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Automatically Launch Google Hacking Queries Against A Target Domain

Official Black Hat Arsenal Security Tools Repository

MSFvenom Payload Creator (MSFPC)

OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/

venom - C2 shellcode generator/compiler/handler

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

This is a webshell open source project

A Passive RFID fuzzer