- London, England / Remote
- https://emreovunc.com
- https://orcid.org/0009-0002-7994-0160
- @EmreOvunc
Starred repositories
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
pFuzz helps us to bypass web application firewalls by using different methods at the same time.
Search Google and extract results directly. Skip all the click-through links and other sketchiness.
Find, verify, and analyze leaked credentials
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Takeover script extracts the CNAME records of all subdomains at once. TakeOver saves researchers time and increases the chance of finding a subdomain takeover vulnerability.
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …
SecretFinder - A Python script to find sensitive data (apikeys, accesstoken, jwt, ...) and search for anything in JavaScript files
A cross-platform protocol library to communicate with iOS devices
Security Tool to Look For Interesting Files in S3 Buckets
File upload vulnerability scanner and exploitation tool.
An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
Scan for misconfigured S3 buckets across S3-compatible APIs!
A Python script that finds endpoints in JavaScript files