Menn1s's Stars
BKreisel/sqlmap-websocket-proxy
Tool to enable blind sql injection attacks against websockets using sqlmap
cmu-sei/pharos
Automated static analysis tools for binary programs
LaurieWired/iOS_Reverse_Engineering
The iOS IPA file Reverse Engineering reference
DevanshRaghav75/AutomationGuide
Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi
initstring/linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
christophetd/Adaz
:wrench: Deploy customizable Active Directory labs in Azure - automatically.
ndelphit/apkurlgrep
Extract endpoints from APK files
radareorg/radare2-r2pipe
Access radare2 via pipe from any programming language!
remote-android/redroid-doc
redroid (Remote-Android) is a multi-arch, GPU enabled, Android in Cloud solution. Track issues / docs here
Cy-clon3/awesome-ios-security
A curated list of awesome iOS application security resources.
DERE-ad2001/Frida-Labs
The repo contains a series of challenges for learning Frida for Android Exploitation.
gelosecurity/GetAndroidUnprotectedComponents
parse out unprotected AndroidComponents
praetorian-inc/noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
koush/scrypted
Scrypted is a high performance video integration and automation platform
Nyr/openvpn-install
OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora
projectdiscovery/interactsh
An OOB interaction gathering server and client library
m3n0sd0n4ld/GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
TakSec/google-dorks-bug-bounty
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
c3c/ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
kleiton0x00/XSScope
XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
slyd0g/SwiftSpy
macOS keylogger, clipboard monitor, and screenshotter
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
vdohney/keepass-password-dumper
Original PoC for CVE-2023-32784
mgastonportillo/gale-for-ff
CSS files to theme Firefox with Sidebery
Kudaes/Split
Apply a divide and conquer approach to bypass EDRs
mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
robert/gamebert
A Game Boy emulator written by Robert
tillson/git-hound
Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
decoder-it/LocalPotato
KingOfBugbounty/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..