NOT for educational purposes: An MCP server for professional penetration testers including nmap, go/dirbuster, nikto, JtR, wordlist building, and more.

TypeScript 25 7 Updated Apr 4, 2025

redteamcaptain / Pentesting-Interview-Questions

Penetration Testing and Offensive Security Interview Questions

159 30 Updated May 17, 2022

sherlock-ohm / burpscan

Python 89 10 Updated Apr 3, 2025

abhinavkakku / Cyber_Security_Interview_Questions

Cyber Security Interview Questions ( and some answers )

71 15 Updated Nov 2, 2023

areyou1or0 / OSCP

OSCP

Python 572 177 Updated Feb 6, 2022

bee-san / RustScan

🤖 The Modern Port Scanner 🤖

Rust 16,239 1,099 Updated Apr 21, 2025

RhinoSecurityLabs / pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Python 4,654 731 Updated Mar 20, 2025

trufflesecurity / trufflehog

Find, verify, and analyze leaked credentials

Go 18,824 1,839 Updated Apr 23, 2025

sherlock-project / sherlock

Hunt down social media accounts by username across social networks

Python 63,815 7,384 Updated Apr 23, 2025

MuhammadWaseem29 / SubDomain-Grabber

Python 37 5 Updated Mar 22, 2025

factionsecurity / faction

Pen Test Report Generation and Assessment Collaboration

JavaScript 517 44 Updated Mar 20, 2025

juliocesarfort / public-pentesting-reports

A list of public penetration test reports published by several consulting firms and academic security groups.

HTML 8,812 2,005 Updated Jun 6, 2024

1modm / petereport

PeTeReport is an open-source application vulnerability reporting tool.

JavaScript 501 137 Updated Jun 10, 2024

Syslifters / sysreptor

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Python 1,853 179 Updated Apr 23, 2025

BlackFan / BFScan

Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used in JAR / WAR / APK applications.

Java 166 9 Updated Mar 20, 2025

f / awesome-chatgpt-prompts

This repo includes ChatGPT prompt curation to use ChatGPT and other LLM tools better.

JavaScript 123,374 16,518 Updated Apr 23, 2025

dair-ai / Prompt-Engineering-Guide

🐙 Guides, papers, lecture, notebooks and resources for prompt engineering

MDX 55,320 5,436 Updated Apr 5, 2025

infosec-au / altdns

Generates permutations, alterations and mutations of subdomains and then resolves them

Python 2,400 451 Updated Jan 9, 2025

TheRook / subbrute

A DNS meta-query spider that enumerates DNS records, and subdomains.

Python 3,422 661 Updated Jan 13, 2022

who0xac / SubHunterX

**SubHunterX** is an automated tool for subdomain enumeration, vulnerability scanning, and exploitation. It discovers subdomains, detects live hosts, fuzzes directories, scans ports, identifies vul…

Shell 7 1 Updated Apr 7, 2025

s0md3v / uro

declutters url lists for crawling/pentesting

Python 1,338 159 Updated Feb 23, 2025

s-rah / onionscan

OnionScan is a free and open source tool for investigating the Dark Web.

Go 2,960 601 Updated Aug 9, 2024

scrapy / scrapy

Scrapy, a fast high-level web crawling & scraping framework for Python.

Python 54,974 10,758 Updated Apr 23, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Mohammed Al-Barbari M4DM0e

Achievements

Achievements

Block or report M4DM0e

Stars

OpenCTI-Platform / opencti

jthack / ffufai

mhzcyber / vulnerable.codes

Hound0x / JSIntelliRecon

slimphp / Slim

Zierax / Basic-ML-prompt-injections

projectdiscovery / katana

DMontgomery40 / pentest-mcp