Stars
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
My Notes about Penetration Testing
Do bug hunting with One-Line script and get bounty
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Hide your Powershell script in plain sight. Bypass all Powershell security features
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
A OWASP Based Checklist With 500 Test Cases
A tool to dump a git repository from a website
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
A little tool to play with Windows security
The ultimate WinRM shell for hacking/pentesting
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
Snyk CLI scans and monitors your projects for security vulnerabilities.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
Burpsuite Extension to bypass 403 restricted directory
Program for determining types of files for Windows, Linux and MacOS.
Linux Exploit Suggester; based on operating system release number
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
Incredibly fast crawler designed for OSINT.