A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Tool social engineering [Access Webcam & Microphone & Os Password Grabber & Location Finder] With Ngrok

Tool Information Gathering & social engineering Write By [Python,JS,PHP]

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Automated Penetration Testing Framework

Fast web fuzzer written in Go

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A wrapper around grep, to help you grep for things

A Tool for Domain Flyovers

Veil 3.1.X (Check version info in Veil at runtime)

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

Clone this repo to build Frida

📱 objection - runtime mobile exploration

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PHP Shell untuk remote shell Web Server, upload dan sebagainya

HTTP parameter discovery suite.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Web path scanner

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Automatic SQL injection and database takeover tool

Real-time HTTP Intrusion Detection

Automated pentest framework for offensive security experts

SpiderFoot automates OSINT collection so that you can focus on analysis.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Fast subdomains enumeration tool for penetration testers

Words categorized by topic.