R3K1NG

XAttacker

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

XSStrike

XSStrike is a program which can crawl, fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs.

fuxploider

File upload vulnerability scanner and exploitation tool.

exploit-database

nsa

nsa

astroid

ASTROID v 1.2 bypass most A.V softwares

DamnWebScanner

Evil-Droid

CloudFail

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

cmsPoc

CMS渗透测试框架-A CMS Exploit Framework

D0xk1t

exploit-database-bin-sploits

fsociety-ransomware-MrRobot

hate_crack

A tool for automating cracking methodologies through Hashcat

iSQL

pythem

Simple-Dork-Scanner

dork -target bug sql -scaner

spyrat

SQL-Scan

sql scan

eternal_scanner

face_recognition

The world's simplest facial recognition api for Python and the command line

hackage-security

Hackage security framework based on TUF (The Update Framework)

ptf

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

quicksql

QuickSQL is a simple MSSQL query tool that allows you to connect to MSSQL databases and does not require administrative level rights to use.

social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

subbrute

A DNS meta-query spider that enumerates DNS records, and subdomains.

Sublist3r

Fast subdomains enumeration tool for penetration testers

trevorc2

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

wpUsersScan

Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 -