0x90n

netstalking-osint

Коллекция материалов по OSINT для нетсталкинга

chatter

internet monitoring osint telegram bot for windows

APAC-Firms

A list of Information Security firms operating in th Asia-Pacific region, and where student intake opportunities can be found.

haktldextract

Extract domains/subdomains from URLs en masse

IoTGoat

IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.

crithit

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

secretz

secretz, minimizing the large attack surface of Travis CI

LeakLooker

Find open databases - Powered by Binaryedge.io

ReverseTCPShell

PowerShell ReverseTCP Shell - Framework

opencti

Open Cyber Threat Intelligence Platform

dronesploit

Drone pentesting framework console

scrapts

Scrapts Scrapts Scrapts

flash-socket-crossdomain-exploit

ActionScript proof-of-concept to perform cross-domain socket actions

the-book-of-secret-knowledge

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

DNSGrep

Quickly Search Large DNS Datasets

Beginner-Network-Pentesting

Notes for Beginner Network Pentesting Course

InfoSec-Black-Friday

All the deals for InfoSec related software/tools this Black Friday

WhatsApp-GD-Extractor-Multithread

Allows WhatsApp users on Android to extract their backed up WhatsApp data from Google Drive.

discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

humptydumpty

Dump lsass. Dump creds. Win.

LinkFinder

A python script that finds endpoints in JavaScript files

SILENTTRINITY

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

pentestingazureapps

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

Dr.-Watson

Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sherlock!

Findomain

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.

Shr3dKit

Red Team Tool Kit

pentestingazureapps

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

httprebind

Automatic tool for DNS rebinding-based SSRF attacks

CloudScraper

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

recon_profile