MiiLLIm

AttackSurfaceAnalyzer

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

keepass2john

Convert KeePass (KDBX) password databases to John the Ripper format. Supports KeePass 1.x and 2.x formats while preserving encryption integrity.

subzy

Subdomain takeover vulnerability checker

assetfinder

Find domains and subdomains related to a given domain

subfinder

Fast passive subdomain enumeration tool.

EchoStrike

Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operations.

GhostStrike

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

Depix

Recovers passwords from pixelized screenshots

gpt4-captcha-bypass

Captcha Bypass using GPT4-o

Deep-Live-Cam

real time face swap and one-click video deepfake with only a single image

AdGuardExtra

AdGuard Extra is designed to solve complicated cases when regular ad blocking rules aren't enough.

awesome-sysadmin

A curated list of amazingly awesome open-source sysadmin resources.

mimikatz

decrypt-chrome-passwords

Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

docker-hub-rss

RSS feed for Docker Hub images

uptime-kuma

A fancy self-hosted monitoring tool

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

pty4all

By using its cutting edge technology (lolnope), you can now have a persistent multi reverse pty handler!

Checklists

Red Teaming & Pentesting checklists for various engagements

chirpy-starter

The startup template for Chirpy.

xpnt0.github.io

A minimal, responsive, and feature-rich Jekyll theme for technical writing.

Exploit-for-Dolibarr-17.0.0-CVE-2023-30253

Reverse Shell POC exploit for Dolibarr <= 17.0.0 (CVE-2023-30253), PHP Code Injection

no-defender

A slightly more fun way to disable windows defender + firewall. (through the WSC api)

DNS-Tunnel-Keylogger

Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.

Files

Directory for Hacxx Underground files

Files-2

Release for Datagroove 2

Sublist3r

Fast subdomains enumeration tool for penetration testers

wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.