A CLI tool to convert your codebase into a single LLM prompt with source tree, prompt templating, and token counting.

smbclient-ng, a fast and user friendly way to interact with SMB shares.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Generates millions of keyword-based password mutations in seconds.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Easily and securely send things from one computer to another 🐊 📦

The recursive internet scanner for hackers. 🧡

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

Subdomains analysis and generation tool. Reveal the hidden!

Invert scroll direction for physical scroll wheels while maintaining "Natural" scrolling for trackpads on MacOS

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

A data index and query language over Markdown files, for https://obsidian.md/.

a drop-in replacement for Nmap powered by shodan.io

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

Notion as a platform for offensive operations

Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965

A cheat sheet that contains advanced queries for SQL Injection of all types.

Custom Queries - Brought Up to BH4.1 syntax

Hide secrets in your Obsidian.md vault

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.