A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

Impacket is a collection of Python classes for working with network protocols.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

E-mails, subdomains and names Harvester - OSINT

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

Rewrite of the popular wireless network auditor, "wifite"

Model parallel transformers in JAX and Haiku

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Open Source Vulnerability Management Platform

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Automated All-in-One OS Command Injection Exploitation Tool.

DNS Enumeration Script

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Bloodhound Reporting for Blue and Purple Teams

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

Scanning pastebin with yara rules

hack tools

The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

Tool to search secrets in various filetypes.

Amaranth HDL framework for monitoring, hacking, and developing USB devices

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

ActiveScan++ Burp Suite Plugin

CatSniffer is an original multiprotocol and multiband board for sniffing, communicating, and attacking IoT (Internet of Things) devices using the latest radio IoT protocols. It is a highly portable…

This Bufferflow Guide includes instructions and the scripts necessary for Buffer Overflow Exploitation. This guide is a supplement for TheCyberMentor's walkthrough. Please watch his walkthrough if …

Automated image forensics tool

Identify hardcoded secrets in static structured text

Snoopy v2.0 - modular digital terrestrial tracking framework

The TrustedSec Attack Platform is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.