ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap

A curated list of tools for incident response. With repository stars⭐ and forks🍴

WEB-Wordlist-Generator creates related wordlists after scanning your web applications.

SOCFortress CoPilot

Defund the Police.

SatIntel is an OSINT tool for Satellites 🛰. Extract satellite telemetry, receive orbital predictions, and parse TLEs 🔭

Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.

Comfortably monitor your Internet traffic 🕵️‍♂️

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A terminal for a more modern age

Pen Test Report Generation and Assessment Collaboration

Maven Repo Used for Extending Faction.

WhatsApp spy - logs online/offline events from ANYONE in the world

.net config loader

Simple Latest CVE Collector Written in Python

Obfuscation library based on C++11/14 and metaprogramming

A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.

Mimikatz implementation in pure Python

This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

Tactics, Techniques, and Procedures

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

A fancy self-hosted monitoring tool