TK's repositories
afrog
AFROG- A tool for finding vulnerabilities
attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
bbrf-client
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
bbrf-server
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
BBTz
BBT - Bug Bounty Tools
C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
caronte
A tool to analyze the network flow during attack/defence Capture the Flag competitions
checkov
Prevent cloud misconfigurations during build-time for Terraform, CloudFormation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
dirb
Web Fuzzer
dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
dnsvalidator
Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
houdini
A rust library that allows you to delete your executable while it's running.
impacket
Impacket is a collection of Python classes for working with network protocols.
osmedeus
A Workflow Engine for Offensive Security
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
RustScan
🤖 The Modern Port Scanner 🤖
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Source2URL
Parse source code directories and output list of URLs that are then sent through a proxy.
subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Sublist3r
Fast subdomains enumeration tool for penetration testers
testssl.sh
Testing TLS/SSL encryption anywhere on any port
theHarvester
E-mails, subdomains and names Harvester - OSINT