Jflye's Stars
HashPals/Name-That-Hash
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
spipm/Depix
Recovers passwords from pixelized screenshots
msrkp/PPScan
Client Side Prototype Pollution Scanner
duc-nt/RCE-0-day-for-GhostScript-9.50
RCE 0-day for GhostScript 9.50 - Payload generator
pwnesia/dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Hackplayers/evil-winrm
The ultimate WinRM shell for hacking/pentesting
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
loseys/BlackMamba
C2/post-exploitation framework
clong/DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
WithSecureLabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
r4j0x00/exploits
sensepost/gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
jeffzh3ng/fuxi
Penetration Testing Platform
ShivamRai2003/Reconky-Automated_Bash_Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
dwisiswant0/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
ThoughtfulDev/EagleEye
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
rebootuser/LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
liquidsec/aspnetCryptTools
Just some random small tools for dealing with asp.net Forms Authentication Cookies
jonaslejon/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
brimdata/zui
Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.
parikhakshat/autoharness
A tool that automatically creates fuzzing harnesses based on a library
immunIT/TeamsUserEnum
User enumeration with Microsoft Teams API
tanprathan/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
IlanKalendarov/SharpHook
SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.
inguardians/peirates
Peirates - Kubernetes Penetration Testing tool
nccgroup/SocksOverRDP
Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
passthehashbrowns/SharpRDPThief
A C# implementation of RDPThief to steal credentials from RDP.
shelld3v/JSshell
JSshell - JavaScript reverse/remote shell
ollseg/ttt-ext
Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.