AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Rich is a Python library for rich text and beautiful formatting in the terminal.

Automatic SQL injection and database takeover tool

Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.

We have made you a wrapper you can't refuse

🕵️‍♂️ Offensive Google framework.

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

Impacket is a collection of Python classes for working with network protocols.

A next generation HTTP client for Python. 🦋

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Most advanced XSS scanner.

The Rogue Access Point Framework

Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics…

Credentials recovery project

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

A swiss army knife for pentesting networks

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

📱 objection - runtime mobile exploration

The recursive internet scanner for hackers. 🧡

Web application fuzzer

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

aiogram is a modern and fully asynchronous framework for Telegram Bot API written in Python using asyncio

Common User Passwords Profiler (CUPP)

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Windows Exploit Suggester - Next Generation

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Server-Side Template Injection and Code Injection Detection and Exploitation Tool