Pinned Repositories
Best-Penetration-Tools-
Best Penetration Tools | أفضل أدوات الاختراق
blackhat-arsenal-tools
Official Black Hat Arsenal Security Tools Repository
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
kalirouter
intercepting kali router
OSPTF
Open Source Penetration Test Framework
PenTesting-Scripts
A ton of helpful tools
ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
shelling
SHELLING - a comprehensive OS command injection payload generator
Spaghetti
Spaghetti - Web Application Security Scanner
infosecsecurity's Repositories
infosecsecurity/nWatch
infosecsecurity/BugBountyTemplates
A collection of templates for bug bounty reporting
infosecsecurity/joomlavs
A black box, Ruby powered, Joomla vulnerability scanner
infosecsecurity/Serpico
SimplE RePort wrIting and COllaboration tool
infosecsecurity/awesome-hacking-1
Awesome hacking is an awesome collection of hacking tools.
infosecsecurity/sandcastle
🏰 A Python script for AWS S3 bucket enumeration. Development has ceased; this project is at EOL.
infosecsecurity/magma
The magma server daemon, is an encrypted email system with support for SMTP, POP, IMAP, HTTP and MOLTEN,. Additional support for DMTP and DMAP is currently in active development.
infosecsecurity/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
infosecsecurity/dnssearch
A subdomain enumeration tool.
infosecsecurity/Bluto
DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking
infosecsecurity/XSStrike
XSStrike is a program which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs.
infosecsecurity/ReconDog
Recon Dog is an all in one tool for all your basic information gathering needs.
infosecsecurity/graudit
Grep rough audit - source code auditing tool
infosecsecurity/KatanaFramework
The New Hacking Framework
infosecsecurity/HostRecon
This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.
infosecsecurity/CloudFail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
infosecsecurity/tplmap
Code and Server-Side Template Injection Detection and Exploitation Tool
infosecsecurity/aquatone
A Tool for Domain Flyovers
infosecsecurity/morpheus
Morpheus - Automated Ettercap TCP/IP Hijacking Tool
infosecsecurity/RED_HAWK
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling. Coded In PHP
infosecsecurity/SigPloit
Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
infosecsecurity/Open-Redirect-Payloads
Open Redirect Payloads
infosecsecurity/LFISuite
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
infosecsecurity/Probable-Wordlists
Wordlists sorted by probability originally created for password generation and testing
infosecsecurity/apt2
automated penetration toolkit
infosecsecurity/angryFuzzer
tools for information gathering
infosecsecurity/domainhunter
Checks expired domains, bluecoat categorization, and Archive.org history to determine good candidates for phishing and C2 domain names
infosecsecurity/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
infosecsecurity/Belati
The Traditional Swiss Army Knife for OSINT
infosecsecurity/Sn1per
Automated Pentest Recon Scanner