Qazeer
Follow
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Automatic SQL injection and database takeover tool
Impacket is a collection of Python classes for working with network protocols.
Freeze (package) Python programs into stand-alone executables
Fast subdomains enumeration tool for penetration testers
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
An advanced memory forensics framework
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
A DNS meta-query spider that enumerates DNS records, and subdomains.
Tool to look for several security related Android application vulnerabilities
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
Automated NoSQL database enumeration and web application exploitation tool.
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Privilege Escalation Project - Windows / Linux / Mac
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
A Python based ingestor for BloodHound
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
Network Infrastructure Penetration Testing Tool
Run PowerShell command without invoking powershell.exe
Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
Perform a MitM attack and extract clear text credentials from RDP connections
SysWhispers on Steroids - AV/EDR evasion via direct system calls.