Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-d…

EMBA - The firmware security analyzer

This repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand!

Cross Platform Telegram based RAT that communicates via telegram to evade network restrictions

Complex Network Analysis Tool

Low-cost LS/FS/HS USB sniffer with Wireshark interface

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

cyber security mind maps collection

Poastal - the Email OSINT tool

Remote Shellcode Injector

Developing a more covert Remote Access Trojan (RAT) tool by leveraging Electron's features for command injection and combining it with remote control methods.

InfoHound is an OSINT to extract a large amount of data given a web domain name.

Redeye is a tool intended to help you manage your data during a pentest operation

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

Villain is a high level stage 0/1 C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities) and s…

Pentesting automation platform that combines hacking tools to complete assessments

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Web app that provides basic navigation and annotation of ATT&CK matrices

Multi-platform transparent client-side encryption of your files in the cloud

Free and Open Source Reverse Engineering Platform powered by rizin

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…

Metasploit Framework

MISP (core software) - Open Source Threat Intelligence and Sharing Platform