qran253

GitTools

A repository with 3 tools for pwn'ing websites with .git repositories available

xnLinkFinder

A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Zmap-ProxyScanner

A Thread Safe fast way to find proxies. Find 2000-5000 working http,socks4,socks5 proxies in one scan.

MHDDoS

Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods

HackBrowserData

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

Pentest-Tools

vaf

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

dnsx

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

PENTESTING-BIBLE

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

warf

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

userefuzz

User-Agent , X-Forwarded-For and Referer SQLI Fuzzer

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

libinjection

SQL / SQLI tokenizer parser analyzer

CVE-2022-29464

WSO2 RCE (CVE-2022-29464) exploit and writeup.

rapiddns

Rapidly enumerate subdomains and domains using rapiddns.io.

jfscan

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.

Jeeves

Jeeves SQLI Finder

uncover

Quickly discover exposed hosts on the internet using multiple search engines.

open-source-web-scanners

A list of open source web security scanners

wso-ng

The new generation of famous WSO web shell. With perks included

awesome-bugbounty-tools

A curated list of various bug bounty tools

frogy

My subdomain enumeration script. It's unique in the way it is built upon.

API-s-for-OSINT

List of API's for gathering information about phone numbers, addresses, domains etc

pFuzz

pFuzz helps us to bypass web application firewall by using different methods at the same time.

DongTai

Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.

dirsearch

A Go implementation of dirsearch.

Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

samlists

Free, libre, effective, and data-driven wordlists for all!