An XSS exploitation command-line interface and payload generator.

mx-takeover focuses DNS MX records and detects misconfigured MX records.

Awesome-Cellular-Hacking

a list of awesome resources related to security and hacking of VoIP, WebRTC and VoLTE

IntelOwl: manage your Threat Intelligence at scale

OWASP D4N155 - Intelligent and dynamic wordlist using OSINT

RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: https://www.youtube.com/watch?v=Ul8uPvlOsug

A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Rust Weaponization for Red Team Engagements.

Tools and Techniques for Red Team / Penetration Testing

CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some interfaces for users to call to manipulate the CrossC2 Beacon se…

Cloudflare, Sucuri, Incapsula real IP tracker.

ARP Poisoning Tool, it creates entries on target's ARP Table. The things which you need only are Destination IP and MAC address.

A collection of various awesome lists for hackers, pentesters and security researchers

Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs

IDPS & SandBox & AntiVirus STEALTH KILLER. MorphAES is the world's first polymorphic shellcode engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable fo…

metame is a metamorphic code engine for arbitrary executables

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

🤖 The Modern Port Scanner 🤖

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A DNS meta-query spider that enumerates DNS records, and subdomains.

Small and highly portable detection tests based on MITRE's ATT&CK.

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application