Dreyvor's Stars
hedgedoc/hedgedoc
HedgeDoc - Ideas grow better together
hackmdio/codimd
CodiMD - Realtime collaborative markdown notes on all platforms.
skylot/jadx
Dex to Java decompiler
sensepost/reGeorg
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
DominicBreuker/pspy
Monitor linux processes without root permissions
mxrch/GitFive
🐙 Track down GitHub users.
blackarrowsec/redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
kgretzky/pwndrop
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
arthaud/git-dumper
A tool to dump a git repository from a website
1N3/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
wagoodman/dive
A tool for exploring each layer in a docker image
projectdiscovery/katana
A next-generation crawling and spidering framework.
lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
fin3ss3g0d/evilgophish
evilginx3 + gophish
deepinstinct/Lsass-Shtinkering
Sab0tag3d/SIETpy3
Rewriting SIET to python3
six2dez/pentest-book
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
OWASP/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
tomnomnom/waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
fozavci/viproy-voipkit
VIPROY - VoIP Pen-Test Kit for Metasploit Framework
EnableSecurity/sipvicious
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.
juanfont/headscale
An open source, self-hosted implementation of the Tailscale control server
drwetter/testssl.sh
Testing TLS/SSL encryption anywhere on any port
ericchiang/pup
Parsing HTML at the command line
rverton/webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
projectdiscovery/wappalyzergo
A high performance go implementation of Wappalyzer Technology Detection Library
projectdiscovery/notify
Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
fortra/nanodump
The swiss army knife of LSASS dumping
projectdiscovery/dnsx
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.