ktecv2000

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Gooey

Turn (almost) any Python command line program into a full GUI application with one line

impacket

Impacket is a collection of Python classes for working with network protocols.

amass

In-depth attack surface mapping and asset discovery

theHarvester

E-mails, subdomains and names Harvester - OSINT

TheFatRat

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .

sigma

Main Sigma Rule Repository

volatility

An advanced memory forensics framework

how2heap

A repository for learning various heap exploitation techniques.

jwt_tool

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

Arjun

HTTP parameter discovery suite.

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Covenant

Covenant is a collaborative .NET C2 framework for red teamers.

dnscat2

pe-sieve

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

pingfs

Stores your data in ICMP ping packets

assetfinder

Find domains and subdomains related to a given domain

CloudFail

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

flare-ida

IDA Pro utilities from FLARE team

p0wnedShell

PowerShell Runspace Post Exploitation Toolkit

ReverseTCPShell

PowerShell ReverseTCP Shell - Framework

ADModule

Microsoft signed ActiveDirectory PowerShell module

NET-Deserialize

总结了20+.Net反序列化文章，持续更新

badKarma

network reconnaissance toolkit

CORStest

A simple CORS misconfiguration scanner

polichombr

Collaborative malware analysis framework

dirstalk

Modern alternative to dirbuster/dirb

sslScrape

SSLScrape | A scanning tool for scaping hostnames from SSL certificates.

jwt-fuzzer

JWT fuzzer

pURL

API testing tool written with Python