Jflye's Stars
Phasip/jsproxy
HTTP proxy that runs in a CORS-disabled browser
Pennyw0rth/NetExec
The Network Execution Tool
login-securite/lsassy
Extract credentials from lsass remotely
smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
ElevenPaths/FOCA
Tool to find metadata and hidden information in the documents.
DaddyBigFish/enumx
The tool π²π»ππΊπ is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. It is designed to automate the simpler tasks of enumeration in order to save the Penetration Tester valuable time.
jasonxtn/Argus
The Ultimate Information Gathering Toolkit
blackhatethicalhacking/TerminatorZ
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
zh54321/SnafflerParser
Parses Snaffler output file and generate beautified outputs.
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
amalmurali47/swagroutes
swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
blackhatethicalhacking/Nucleimonst3r
Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits but also gather all the technology running behind them for further investigation for a potential target.
alpkeskin/mosint
An automated e-mail OSINT tool
gwen001/bxss
Alternative to XSS Hunter for blind XSS.
piraija/usb-hid-and-run
User84User/User84PublicUser
luijait/DarkGPT
DarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.
Ekultek/WhatWaf
Detect and bypass web application firewalls and protection systems
crsftw/oscp
mpeterv/luacheck
A tool for linting and static analysis of Lua code.
Kong/insomnia
The open-source, cross-platform API client for GraphQL, REST, WebSockets, SSE and gRPC. With Cloud, Local and Git storage.
PortSwigger/postman-importer
FSecureLABS/SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
Flipper-XFW/Xtreme-Firmware
The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Dont delay, switch to the one and only true Master today!
ShawnDEvans/smbmap
SMBMap is a handy SMB enumeration tool
Lissy93/web-check
π΅οΈββοΈ All-in-one OSINT tool for analysing any website
ejedev/web2shell
Automate converting webshells into reverse shells.
redrays-io/SAP_Cloud_Connector_SSFS_Decryption
A PoC of decryption the SAP Cloud Connector SSFS
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.