0x90n's Stars
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
OpenCTI-Platform/opencti
Open Cyber Threat Intelligence Platform
hmaverickadams/Beginner-Network-Pentesting
Notes for Beginner Network Pentesting Course
0x90n/InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
GerbenJavado/LinkFinder
A python script that finds endpoints in JavaScript files
leebaird/discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
byt3bl33d3r/SILENTTRINITY
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
dhondta/dronesploit
Drone pentesting framework console
woj-ciech/LeakLooker
Find open databases - Powered by Binaryedge.io
shr3ddersec/Shr3dKit
Red Team Tool Kit
ZHacker13/ReverseTCPShell
PowerShell ReverseTCP Shell - Framework
OWASP/IoTGoat
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
erbbysam/DNSGrep
Quickly Search Large DNS Datasets
jordanpotti/CloudScraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
nahamsec/recon_profile
netstalking-core/netstalking-osint
Коллекция материалов по OSINT для нетсталкинга
lc/secretz
secretz, minimizing the large attack surface of Travis CI
daeken/httprebind
Automatic tool for DNS rebinding-based SSRF attacks
sansatart/scrapts
Scrapts Scrapts Scrapts
prodigysml/Dr.-Watson
Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sherlock!
codingo/crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
YuriCosta/WhatsApp-GD-Extractor-Multithread
Allows WhatsApp users on Android to extract their backed up WhatsApp data from Google Drive.
visualbasic6/chatter
internet monitoring osint telegram bot for windows
hakluke/haktldextract
Extract domains/subdomains from URLs en masse
mburrough/pentestingazureapps
Script samples from the book Pentesting Azure Applications (2018, No Starch Press)
Infosec-Community/APAC-Firms
A list of Information Security firms operating in th Asia-Pacific region, and where student intake opportunities can be found.
0x90n/pentestingazureapps
Script samples from the book Pentesting Azure Applications (2018, No Starch Press)
n33dle/humptydumpty
Dump lsass. Dump creds. Win.
nnam/flash-socket-crossdomain-exploit
ActionScript proof-of-concept to perform cross-domain socket actions