blindfuzzy

LHF

A modular recon tool for pentesting

PCredz

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

pentest-scripts

python-hacklib

hacklib - pentesting, port scanning, and logging in anywhere with Python

SecLists

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

Bluto

DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking

Hob0Rules

Password cracking rules for Hashcat based on statistics and industry patterns

Infosec_Reference

Information Security Reference That Doesn't Suck

mimikittenz

A post-exploitation powershell tool for extracting juicy info from memory.

MSRC-Security-Research

Security Research from the Microsoft Security Response Center (MSRC)

OS-X-Security-and-Privacy-Guide

A practical guide to securing OS X

RemoteRecon

Remote Recon and Collection

SigThief

Stealing Signatures and Making One Invalid Signature at a Time

ATM

The Adaptive Security Testing Methodology (ASTM) provides context-adjusted testing methodologies based on factors such as time available to test, platform, technology stack, versions, plugins, modules, and other variables.

awesome-pentest

A collection of awesome penetration testing resources, tools and other shiny things

compliance-masonry

Security Documentation Builder

dirtycow.github.io

Dirty COW

dislocker

FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX

intellifuzz-xss

An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match

knock

Knock Subdomain Scan

Mimidogz

Mimipuppy

cleaned up mimikittenz

nps

Not PowerShell

PowerOPS

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

PowerShell

PowerShellz Stuff

PowerShell-1

PowerShell for every system!

powerstager

A payload stager using PowerShell

ssh-audit

SSH server auditing (banner, key exchange, encryption, mac, compression, compatbility, etc)

vcr

Vulnerability Compliance Report Tool used to parse Nessus files into html reports created by SynerComm, Inc.

winshock-test

Bash script that tests if a system is Winshock (MS14-066) vulnerable