httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

The complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API…

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Lab for learning JWT.

Tutorials and Things to Do while Hunting Vulnerability.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

A curated list of awesome threat detection and hunting resources

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Windows tray utility / filesystem watcher / launcher for Syncthing

JWT Support for Burp

Fetch many paths for many hosts - without killing the hosts

a mindmap on pentest #pentestmindmap #oscp #lpt #ecsa #ceh #bugbounty

A collection of various awesome lists for hackers, pentesters and security researchers

UNIX-like reverse engineering framework and command-line toolset

The Pwning Machine

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Red Teaming Tactics and Techniques

The world's #1 JavaScript library for rich text editing. Available for React, Vue and Angular

Tool to help exploit XXE vulnerabilities

A powerful and useful hacker dictionary builder for a brute-force attack

Mirror of https://git.ffmpeg.org/ffmpeg.git

Privilege Escalation Enumeration Script for Windows

Python3 o365 User Enumeration Tool

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark