Matool13

CyberChef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

angr

The next-generation binary analysis platform from UC Santa Barbara's Seclab!

awesome-selfhosted

This is a list of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers.

big-list-of-naughty-strings

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

BrainDamage

A fully featured backdoor that uses Telegram as a C&C server

CANBus-Triple

CANBus Triple – The car hacking platform

CrackMapExec

A swiss army knife for pentesting Windows/Active Directory environments

DnD-Spelldeck

A Python program for generating LaTeX code that will generate a nice looking deck of cards with Dungeons and Dragons 5e spells on them.

mimikittenz

A post-exploitation powershell tool for extracting juicy info from memory.

nishang

Nishang - PowerShell for penetration testing and offensive security.

omnihash

Hash files, strings, input streams and network resources in various common algorithms simultaneously

PCredz

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

portSpider

🕷 A lightning fast multithreaded network scanner framework with modules.

PowerShell

Collection of useful PowerShell functions, scripts, snippets and templates

PowerShell-Suite

My musings with PowerShell

preeny

Some helpful preload libraries for pwning stuff.

PRET

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

PyExfil

A couple of beta stage tools for data exfiltration

RC4-40-brute-office

Guaranteed cracking of M$ Office files using RC4 40-bit encryption

rePy2exe

A Reverse Engineering Tool for py2exe applications.

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities

scripts

SecLists

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

SecurityShepherd

Web and mobile application security training platform

Shaarli

The personal, minimalist, super-fast, database free, bookmarking service - community repo

sqlmap

Automatic SQL injection and database takeover tool

UACME

Defeating Windows User Account Control

vivisect

warberry

WarBerryPi - Tactical Exploitation