mithatgogebakan

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

fish-shell

The user-friendly command line shell.

trufflehog

Find and verify secrets

JSVerbalExpressions

JavaScript Regular expressions made easy

routersploit

Exploitation Framework for Embedded Devices

vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Sublist3r

Fast subdomains enumeration tool for penetration testers

Sn1per

Attack Surface Management Platform

brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

itpol

Useful IT policies

awesome-sec-talks

A collected list of awesome security talks

tbhm

The Bug Hunters Methodology

tplmap

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

payloads

Git All the Payloads! A collection of web attack payloads.

fastnetmon

FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support

dnscat2

subbrute

A DNS meta-query spider that enumerates DNS records, and subdomains.

icmptunnel

Transparently tunnel your IP traffic through ICMP echo and reply packets.

datasploit

An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.

b374k

PHP Webshell with handy features

PINCE

Reverse engineering tool for linux games

Veil-Evasion

Veil Evasion is no longer supported, use Veil 3.0!

CeWL

CeWL is a Custom Word List Generator

Scout2

Security auditing tool for AWS environments

xvwa

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

NetRipper

NetRipper - Smart traffic sniffing for penetration testers

BruteXSS

BruteXSS - Cross-Site Scripting Bruteforcer

blacksheepwall

blacksheepwall is a hostname reconnaissance tool

burp-image-size

Image size issues plugin for Burp Suite

otpknock

RFC 6238 TOTP + knockd = awesome!