soerlemans's Stars
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
sullo/nikto
Nikto web server scanner
wpscanteam/wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
v1s1t0r1sh3r3/airgeddon
This is a multi-use bash script for Linux systems to audit wireless networks.
danmar/cppcheck
static analysis of C/C++ code
aircrack-ng/aircrack-ng
WiFi security auditing tools suite
SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
alecthomas/chroma
A general purpose syntax highlighter in pure Go
guelfoweb/knock
Knock Subdomain Scan
GerbenJavado/LinkFinder
A python script that finds endpoints in JavaScript files
sensepost/gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
calebstewart/pwncat
Fancy reverse and bind shell handler
s0lst1c3/eaphammer
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
digininja/CeWL
CeWL is a Custom Word List Generator
d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
irsdl/IIS-ShortName-Scanner
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
Dheerajmadhukar/4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
m8sec/CrossLinked
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
stealthcopter/deepce
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
PentestPad/subzy
Subdomain takeover vulnerability checker
BishopFox/eyeballer
Convolutional neural network for analyzing pentest screenshots
Idov31/Sandman
Sandman is a NTP based backdoor for red team engagements in hardened networks.
byt3bl33d3r/WitnessMe
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
ameenmaali/urldedupe
Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
kimocoder/OneShot
Run WPS PIN attacks (Pixie Dust, online bruteforce, PIN prediction) without monitor mode with the wpa_supplicant
hadriansecurity/sanicdns
Gotta go fast
Moopinger/crlf-detection-script
CRLF Detection based on @BlackFan 's work See link below
k4l1sh/WordlistGPT
A python script to generate custom wordlists using GPT