thaxdevil's Stars
mailhog/MailHog
Web and API based SMTP testing
s0md3v/XSStrike
Most advanced XSS scanner.
gophish/gophish
Open-Source Phishing Toolkit
kgretzky/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
HavocFramework/Havoc
The Havoc Framework
assetnote/kiterunner
Contextual Content Discovery Tool
thewhiteh4t/FinalRecon
All In One Web Recon
kgretzky/pwndrop
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
fin3ss3g0d/evilgophish
evilginx3 + gophish
dionach/CMSmap
CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
hacxx-underground/Files
Directory for Hacxx Underground files
topscoder/nuclei-wordfence-cve
The EXCLUSIVE Collection of 45,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
byt3bl33d3r/ItWasAllADream
A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE
debridmediamanager/debrid-media-manager
Curate an inifinite media library
An0nUD4Y/Evilginx2-Phishlets
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
itsmehacker/DarkScrape
OSINT Tool For Scraping Dark Websites
exploits-forsale/collateral-damage
Kernel exploit for Xbox SystemOS using CVE-2024-30088
BobbyWibowo/lolisafe
Blazing fast file uploader and awesome bunker written in node! 🚀
0xKayala/NucleiScanner
NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications
grahamzemel/WebHeckScanner
A hacking tool for bug bounties. Sharing and modifying is encouraged!
lauritzh/domscan
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
GhettoGeek/EMAGNET
Emagnet is a tool for find leaked databases with 97.1% accurate to grab mail + password together from pastebin leaks. Support for brute forcing spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts
sureshfizzy/CineSync
CineSync is a Python based library management tool designed to organize debrid & local libraries without the support of Sonarr & Radarr
Scrut1ny/OpSec-Guide
The Life Operational Security (OpSec) Guide provides invaluable insights and actionable recommendations for individuals seeking to enhance their privacy, anonymity, and security in their personal and professional lives. By implementing robust measures to mitigate the risk of tracking and mass surveillance, individuals can safeguard their sensitive.
AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956
WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries
MatthewKuKanich/ESP32-AirTag-Scanner
Scan for AirTag MACs and Payloads without the need for an Android device or nrfConnect.
rdefeo/quac
Flipperzero app that acts as a QUick ACtion remote control for multiple signal types
0xb11a1/sliver_extension_uac_bypass_cmstp
Sliver extension to bypass UAC via cmstp written in rust