> cat /dev/github | grep security-tools

Pentesting

31-days-of-API-Security-Tips

2026-03-30 ★ 2233

AI Summary: The “31-days-of-API-Security-Tips” repository provides a comprehensive set of daily tips aimed at enhancing the security posture of APIs through practical advice and insights. It is primarily designed for penetration testers and developers to identify and mitigate common API vulnerabilities such as BOLA (IDOR), command injection, and mass assignment. Notable features include a structured format for presenting security tips, real-world exploitation techniques, and guidance on testing different API authentication mechanisms.

A-Red-Teamer-diaries

2026-03-30 ★ 1901

AI Summary: A-Red-Teamer-diaries is a collaborative repository containing publicly accessible notes and resources for penetration testing and red teaming activities, focusing on various tools and techniques employed during security assessments. Key features include a cheatsheet for quick command reference, detailed methodologies for effective exploitation, and practical scripts for network scanning and enumeration, enhancing both learning and efficiency in cybersecurity engagements. This tool serves as a practical guide for professionals aiming to improve their pentesting methodologies in controlled environments.

AboutSecurity

2026-03-30 Python ★ 1093

AI Summary: AboutSecurity is a comprehensive security assessment tool that provides a variety of dictionaries and payloads tailored for penetration testing tasks. Its features include an extensive set of predefined dictionaries for different attack vectors, a range of skills related to reconnaissance, exploitation, and post-exploitation, as well as external tool integration for scanning and fuzzing, complemented by reference documentation for effective team collaboration.


README

AboutSecurity

  • Dic
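    • Auth : Authentication dictionaries
      • Accounts and passwords.
    • Network : Network
      • Excluded private IP ranges, local IP ranges, and a list of DNS servers.
    • Port : Port dictionaries
      • Following a port-by-port approach to penetration testing, the brute-forceable points of the services running on each port are used as dictionary content.
    • Regular : Rule dictionaries
      • A collection of dictionaries built from various rules and permutations.
    • Web : Web dictionaries
      • Brute-forceable points encountered during web penetration testing, used as dictionary content.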
  • Payload
    • Burp
    • CORS
    • email
    • Format
    • HPP
    • LFI
    • OOB
    • SQL-Inj
    • SSI
    • XSS
    • XXE
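  • Skills: AI agent skill methodology (55 skills)
    • recon (5) : Reconnaissance - asset reconnaissance, passive information gathering, deep subdomain discovery, target profiling, social engineering
    • exploit (26) : Exploitation - SQL injection, XSS, SSTI, file upload, deserialization, JWT, GraphQL, SSRF/XXE, CORS, CSRF, OAuth, WebSocket, race conditions, cache poisoning/request smuggling, etc.
    • ctf (5) : CTF competitions - web challenge-solving methodology, CTF reconnaissance, source code auditing, flag searching, flag validation
    • postexploit (6) : Post-exploitation - Linux/Windows post-exploitation, privilege escalation checks, credential spraying, lateral movement, persistence
    • lateral (3) : Internal network penetration - AD domain attacks, internal network reconnaissance, multi-layer network pivoting
    • cloud (2) : Cloud environments - cloud metadata exploitation, IAM permission auditing and privilege escalation
    • evasion (4) : AV evasion - C2 framework evasion, shellcode loader generation, evasion technique integration, security research
    • general (4) : General - red team assessment, mobile backend APIs, report generation, supply chain auditing
    • 📊 Skill Benchmark: python scripts/bench-skill.py --all - A/B tests the actual effect of skills on the agent
  • Tools: declarative YAML configuration for external tools
    • scan : Scanning tools (nmap, masscan)
    • fuzz : Fuzzing tools (dirsearch)
  • Doc
    • Checklist : Checklist items for the penetration testing process, to prevent under-testing and missed tests.
    • Cheatsheet : Penetration testing information-gathering sheet; copy it directly when testing to use as a reference, for recording information, for team collaboration, for report writing, etc.
    • For report writing : Records of some cases encountered in routine penetration tests.
    • Industry terminology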

References

Above

2026-03-30 Python ★ 848

AI Summary: Above is a network security sniffer designed for penetration testers and security engineers to identify vulnerabilities in network equipment through traffic analysis. It operates silently, leveraging the Scapy library, and supports the detection of up to 28 protocols, including ARP, EAPOL, and various SCADA protocols. Users can operate it in ‘hot’ mode for real-time sniffing or ‘cold’ mode for analyzing pre-captured traffic dumps, with features like passive ARP detection and VLAN segment search.

Active-Directory-Exploitation-Cheat-Sheet

2026-03-30 PowerShell ★ 2704

AI Summary: The Active Directory Exploitation Cheat Sheet serves as a comprehensive resource for cybersecurity professionals, detailing methodologies and commands for navigating the Active Directory environment. Its primary use case involves facilitating reconnaissance, privilege escalation, and lateral movement within a network through structured commands using Powershell and .Net. Notable features include a systematic approach to various stages of the exploitation process, including domain enumeration, persistence techniques, and monitoring account vulnerabilities.

Active-Directory-Exploitation-Cheat-Sheet

2026-03-30 ★ 6553

AI Summary: The Active Directory Exploitation Cheat Sheet serves as a comprehensive resource for security professionals, detailing various enumeration and attack techniques within Windows Active Directory environments. It encompasses methods for domain enumeration, local privilege escalation, lateral movement, and domain persistence, while providing actionable insights and references to essential tools such as PowerView, Mimikatz, and BloodHound. This tool is particularly notable for its structured approach to various exploitation vectors, facilitating an efficient and systematic exploitation process.

ADB-Toolkit

2026-03-30 Shell ★ 1956

AI Summary: ADB-Toolkit is a comprehensive toolkit designed for testing and auditing Android Debug Bridge (ADB) configurations and vulnerabilities. Its primary use case lies in enhancing the security of Android devices by providing features such as device enumeration, file management, and installation of applications via ADB commands. Notable features include a user-friendly interface and extensive enhancements for common tasks associated with ADB, making it suitable for both developers and security researchers.

afrog

2026-03-30 Go ★ 4219

AI Summary: Afrog is a security tool designed for bug bounty programs, penetration testing, and red teaming efforts. It facilitates the creation and execution of Proofs of Concept (PoCs) to help security professionals identify vulnerabilities in systems. Notable features include a streamlined PoC writing guide, multi-language support, and a community-driven approach to contribute new exploit techniques.


README

afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming

AllHackingTools

2026-03-30 Shell ★ 5336

AI Summary: AllHackingTools is a penetration testing toolkit designed for Termux that automates the installation and management of various hacking tools. Its primary use case is to facilitate the setup and customization of a hacking environment on Termux, allowing users to quickly download and run tools directly from the interface. Notable features include an updated installer with enhanced design elements, streamlined updating capabilities, and improved system stability.


Androl4b

2026-03-30 ★ 1157

AI Summary: Androl4b is an Android security virtual machine based on Ubuntu Mate, designed for reverse engineering and malware analysis, incorporating a comprehensive suite of tools and resources. It features updated frameworks, hands-on labs, and various security assessment tools like Radare2, Frida, and MobSF, facilitating both static and dynamic analysis of Android applications. The environment is tailored for security researchers and developers to enhance their understanding and skills in Android security.

AngryOxide

2026-03-30 Rust ★ 1813

AI Summary: AngryOxide is a Rust-based 802.11 attack tool designed for penetration testing and WiFi exploitation research. It provides an active state-based attack engine that retrieves EAPOL messages from access points and clients, with features such as target filtering, auto-hunting capability, and GPS integration for geo-fencing. The tool is equipped with a terminal UI, headless operation mode, and a variety of automated attacks aimed at retrieving cryptographic data for later cracking with tools like Hashcat.

Anthropic-Cybersecurity-Skills

2026-03-30 Python ★ 3846

AI Summary: Anthropic Cybersecurity Skills is an extensive open-source repository that provides AI agents access to 753 structured cybersecurity skills across 26 domains, offering capabilities such as memory forensics and Kubernetes RBAC auditing. The skills adhere to the agentskills.io standard, featuring a YAML structure for quick discovery and are fully mapped to MITRE ATT&CK and aligned with NIST CSF 2.0, enabling AI agents to perform advanced security tasks with enhanced contextual knowledge. This tool simplifies installation and empowers various platforms like Claude Code and GitHub Copilot to integrate these capabilities efficiently.

API-SecurityEmpire

2026-03-30 ★ 1436

AI Summary: API Security Empire is a comprehensive resource designed for enhancing API security and conducting penetration testing, featuring mindmaps, tips, and tools based on OWASP TOP 10 API guidelines. It covers information gathering, advanced recon techniques, and detailed methodologies for attacking RESTful, SOAP, and GraphQL APIs. Notable features include updated mindmaps in various formats, a curated list of essential tools, and practical exercises to test penetration skills.


README

🛡️ API Security Empire


Project Credits: Momen Eldawakhly (Cyber Guy)

In this repository you will find: Mindmaps, tips & tricks, resources and everything related to API Security and API Penetration Testing. Our mindmaps and resources are based on OWASP TOP 10 API, our experience in Penetration testing and other resources to deliver the most advanced and accurate API security and penetration testing resource in the WEB!!

🚪 First gate: {{Recon}}

The first gate to enter the API Security Empire is knowing how to gather information about the API infrastructure and how to perform powerful recon on the API to uncover the hidden doors from which the whole infrastructure could be compromised. So we provide this updated API Recon mindmap with the latest tools and methodologies in API recon:

APKHunt

2026-03-30 Go ★ 960

AI Summary: APKHunt is a static code analysis tool specifically designed for Android applications, leveraging the OWASP MASVS framework to identify and rectify security vulnerabilities. It offers comprehensive scanning capabilities, including support for multiple APK files, a low false-positive rate, and optimized rules for accurate vulnerability detection, making it suitable for both mobile developers and security testers. Notably, it produces results in a user-friendly TXT format and is tailored for Linux environments.

apkurlgrep

2026-03-30 Go ★ 883

AI Summary: ApkUrlGrep is a tool designed for extracting endpoints from APK files. Its primary use case is to facilitate the analysis of mobile applications by identifying URLs and their paths embedded within the app. Notable features include the ability to output both the discovered URLs and their corresponding paths, making it a valuable resource for security researchers and penetration testers.


README

ApkUrlGrep

Tool that allows extracting endpoints from APK files

APTRS

2026-03-30 TypeScript ★ 1064

AI Summary: APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based tool that automates the generation of penetration testing reports in PDF and Excel formats, enhancing efficiency for security professionals. Its primary use case is to facilitate organized and streamlined reporting while allowing users to manage and monitor vulnerabilities across various projects. Notable features include support for multiple platforms, a user-friendly web interface, and integration with various CI/CD workflows for continuous testing.

archerysec

2026-03-30 JavaScript ★ 2448

AI Summary: ArcherySec is an open-source vulnerability assessment and management tool designed to integrate with CI/CD pipelines, allowing for automated security testing based on scan results. It utilizes popular open-source scanning tools to perform comprehensive web and network vulnerability assessments, while also providing features for vulnerability prioritization, management, and collaboration of scan data. Key functionalities include integration with REST APIs for developers, authenticated web scanning, and support for various third-party tools like OpenVAS and OWASP ZAP.

Artemis

2026-03-30 Python ★ 1146

AI Summary: Artemis is a modular vulnerability scanner designed for assessing website security, primarily used by CERT PL for scanning activities. Its notable features include the ability to automatically generate user-friendly reports detailing specific vulnerabilities, such as exposed version control system data and outdated software versions, which aids organizations in mitigating security risks.


README

Artemis is a modular vulnerability scanner. It’s the tool that powers CERT PL scanning activities by checking various aspects of website security and building easy-to-read messages ready to be sent to the scanned organizations.

athena

2026-03-30 Vim Script ★ 1199

AI Summary: Athena OS is a penetration testing operating system designed for InfoSec professionals, bug bounty hunters, and cybersecurity enthusiasts. It features automated package updates through GitHub Actions, maintains a collection of security tools, and offers Docker container support, enhancing accessibility and usability for various security assessments. Notably, it provides a user-friendly experience for both seasoned professionals and newcomers in the field of cybersecurity.


README

Dive into a new Pentesting Experience with
Athena OS

Attiny85

2026-03-30 C++ ★ 1610

AI Summary: The DigiSpark Attiny85 repository provides a cost-effective alternative to Rubber Ducky, enabling users to program the Attiny85 to function as a Human Interface Device (HID) that sends keystrokes to a computer. It includes various pre-built payloads such as a Wi-Fi password stealer, UAC bypass, and keylogger, allowing for a range of offensive actions from data exfiltration to system exploitation. Users can easily set up their development environment and execute these payloads using the Arduino IDE.

AutoPentestX

2026-03-30 Python ★ 1039

AI Summary: AutoPentestX is an automated penetration testing toolkit designed for streamlined security assessments. Its primary use case is to facilitate vulnerability scanning and testing in Linux environments, offering features that simplify the process of identifying and exploiting security weaknesses. The toolkit supports Python 3.8 and above, underscoring its compatibility with modern scripting standards and enhancing its applicability in cybersecurity workflows.


README

AutoPentestX - Automated Penetration Testing Toolkit

License: MIT | Python 3.8+

AutoPWN-Suite

2026-03-30 Python ★ 1051

AI Summary: AutoPWN Suite is a comprehensive tool designed for automatic vulnerability scanning and exploitation of systems, leveraging advanced scanning techniques such as nmap TCP-SYN scans to identify software versions and associated vulnerabilities. Key features include automatic vulnerability detection, web application testing for various exploits (LFI, XSS, SQLI), configurable scanning options, noise and evasion modes, along with easy result sharing via webhooks or email, and compatibility across multiple operating systems.

Awesome-Blackhat-Tools

2026-03-30 ★ 785

AI Summary: Awesome Black Hat Tools is a curated repository of cybersecurity tools showcased at Black Hat events globally, serving as a practical reference for professionals in offensive, defensive, and research-driven cybersecurity. The tools are systematically organized by event location, year, and category, including Red Teaming, OSINT, and more, ensuring easy accessibility for users seeking field-tested solutions. This repository encourages community contributions to continually enhance the collection, making it a dynamic resource for current cybersecurity methodologies.

Awesome-Cybersecurity-Handbooks

2026-03-30 ★ 3332

AI Summary: The “Awesome Cybersecurity Handbooks” repository is a comprehensive collection of resources and personal notes aimed at aiding individuals in the fields of red teaming and Capture The Flag (CTF) challenges. This tool features a variety of topics including information gathering, vulnerability analysis, web application assessment, and post-exploitation strategies, serving as an extensive guide for cybersecurity professionals to enhance their knowledge and skills for legal purposes. Notable aspects include frequent updates and a commitment to legal and ethical use of the provided materials.

awesome-flipperzero-withModules

2026-03-30 C ★ 1920

AI Summary: The “Awesome Flipper Zero with Modules” repository is an enhanced resource collection for the Flipper Zero device, providing a variety of plugins, payloads, and databases to extend its functionality. Notable features include access to numerous pre-configured BadUSB payloads, IR device dumps, and various custom files for generating or interacting with Flipper Zero formats. This repository serves as a comprehensive toolkit for users looking to maximize their experience and capabilities with the Flipper Zero platform.

awesome-hacker-search-engines

2026-03-30 Shell ★ 10379

AI Summary: Awesome Hacker Search Engines is a curated repository of search engines specifically designed for penetration testing, vulnerability assessments, and red/blue team operations. It categorizes various resources including general search engines, servers, vulnerabilities, exploits, and more, providing tools for effective reconnaissance and threat intelligence gathering. Notable features include links to specialized engines like Shodan and the NIST NVD, enabling streamlined access to critical information for security professionals.


README

Awesome Hacker Search Engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

awesome-hacking

2026-03-30 Python ★ 3796

AI Summary: Awesome hacking is an awesome collection of hacking tools.

awesome-hacking-lists

2026-03-30 ★ 1306

AI Summary: The “awesome-hacking-lists” repository is a curated collection of GitHub stars organized by programming languages and tools relevant to cybersecurity and hacking. Its primary use case is to provide a comprehensive reference for security professionals and enthusiasts looking for resources, projects, and exploits in various programming environments. Notable features include structured content for easy navigation and a wide array of topics spanning multiple technology stacks.


README

Awesome Stars

A curated list of my GitHub stars! Generated by starred.

Awesome-Hacking-Resources

2026-03-30 ★ 16882

AI Summary: Awesome Hacking Resources is a comprehensive collection of materials designed for individuals looking to enhance their skills in hacking and penetration testing. The repository includes various categories such as learning resources, online courses, forums, and tools crucial for topics like malware analysis and network scanning, promoting community contribution and knowledge sharing within the cybersecurity field. Notably, it features a dedicated list of tools and links to educational content, making it a valuable resource for both beginners and advanced practitioners.

awesome-list-of-secrets-in-environment-variables

2026-03-30 ★ 904

AI Summary: The “Awesome List of Secrets in Environment Variables” repository provides a comprehensive compilation of sensitive information, such as secrets, API keys, and tokens commonly stored in environment variables across various platforms. Its primary use case is to educate and inform developers about potential vulnerabilities associated with storing secrets in environment variables and to suggest better security practices to avoid data leaks. Notable features include categorized listings of secrets from different services, security recommendations, and links to relevant documentation for each entry.

awesome-mobile-security

2026-03-30 ★ 3452

AI Summary: The “awesome-mobile-security” repository serves as a comprehensive resource for mobile security professionals, aggregating a wide range of blogs, papers, and how-to resources relevant to Android security and penetration testing. Its primary use case is to provide guidance and knowledge on mobile application vulnerabilities, security testing methodologies, and tools, making it a valuable asset for those aiming to improve mobile application security. Notable features include links to various security guides, OWASP resources, and pentesting labs, enabling users to deepen their understanding and practical skills in mobile security.

awesome-oscp

2026-03-30 ★ 3379

AI Summary: The Awesome OSCP repository is a curated collection of resources aimed at individuals preparing for the Offensive Security Certified Professional (OSCP) certification. It includes a variety of materials such as reviews, guides, cheatsheets, and specialized scripts covering key topics like buffer overflows and privilege escalation, facilitating a structured and comprehensive study approach for aspiring penetration testers. Notable features include extensive links to preparation guides, practical hacking tips, and tools specifically designed to aid in the OSCP exam.

awesome-privilege-escalation

2026-03-30 ★ 1526

AI Summary: Awesome Privilege Escalation is a comprehensive resource that curates techniques, tools, and methodologies for privilege escalation across multiple platforms, including Linux, Windows, Docker, and cloud environments. It features a structured table of contents with links to guides, techniques, and relevant presentations, allowing security professionals to efficiently explore various escalation vectors and strategies. Notable sections include targeted discussions on specific operating system techniques and curated tools for CVE identification and exploitation.

Awesome-RedTeam-Cheatsheet

2026-03-30 ★ 1270

AI Summary: The Awesome Red Team Cheatsheet is a comprehensive reference tool designed for red team practitioners, providing techniques and methodologies for various stages of the attack lifecycle, including initial access, privilege escalation, lateral movement, and evasion strategies. It offers detailed sections on specific tactics like credential dumping, active directory exploitation, and OSINT, along with supporting guides on Windows protocols and operational security (OPSEC). Notable features include links to targeted exploitation techniques and enumeration strategies, aiding cybersecurity professionals in simulating attacks and improving defensive measures.

awesome-termux-hacking

2026-03-30 ★ 4458

AI Summary: The “awesome-termux-hacking” repository aggregates a collection of tools designed for penetration testing and security assessments on Android devices using the Termux environment. Key tools include ANDRAX, a robust penetration testing platform that functions natively on Android, and ReconCobra, an automated pentest framework for information gathering. This repository enhances the capabilities of ethical hacking on mobile platforms by offering various utilities for tasks such as subdomain enumeration, exploit searching, and proxy management.

awesome-web-hacking

2026-03-30 ★ 6830

AI Summary: The “awesome-web-hacking” repository serves as a comprehensive resource for individuals seeking to enhance their knowledge of web application security. It includes categorized lists of books, documentation, tools, cheat sheets, and educational courses, making it a valuable starting point for learning about penetration testing and various security vulnerabilities. Notable features include contributions from the community through pull requests and a diverse array of resources for both beginners and experienced security professionals.

BabySploit

2026-03-30 HTML ★ 1043

AI Summary: BabySploit is a user-friendly penetration testing toolkit designed to assist users in learning more complex frameworks like Metasploit. It features an intuitive interface and a suite of tools for exploiting vulnerabilities, making it accessible for users of all experience levels, while being optimized for Kali Linux and also tested for macOS compatibility. Notable functionality includes an integrated configuration management system and support for various essential exploitation tools.


README


Made For Kali Linux. No Support For Other Distros If There Are Problems. Tested and Working on MacOS for most Tools.
Developed by @maxbridgland

bashbunny-payloads

2026-03-30 PowerShell ★ 2902

AI Summary: The Bash Bunny Payload Library provides a collection of community-developed payloads and extensions specifically designed for the Hak5 Bash Bunny, utilizing DuckyScript™ and Bash scripting languages. Its primary use case is to enable users to automate various tasks through the intuitive deployment of scripts, with notable features including community contributions and the ability to submit new payloads via pull requests. Additionally, the repository encourages collaboration and offers resources for building payloads through its associated PayloadStudio.

bbot

2026-03-30 Python ★ 9547

AI Summary: BBOT is a versatile reconnaissance tool designed primarily for automating tasks related to bug bounties and attack surface management (ASM). Notable features include comprehensive subdomain enumeration, web crawling to extract sensitive information, and an efficient integration of multiple APIs to enhance data gathering effectiveness. The tool also boasts a real-time visualization capability, allowing users to intuitively analyze results.


README

BEE·bot is a multipurpose scanner inspired by Spiderfoot, built to automate your Recon, Bug Bounties, and ASM!

https://github.com/blacklanternsecurity/bbot/assets/20261699/e539e89b-92ea-46fa-b893-9cde94eebf81

black-hat-rust

2026-03-30 Rust ★ 4298

AI Summary: Black Hat Rust is a specialized resource for understanding and implementing offensive security techniques using the Rust programming language. It covers a broad spectrum of offensive security concepts, including building custom tools for cyber attacks, phishing, and exploitation, while emphasizing practical application and real-world Rust programming practices. Notable features include multi-threaded attack surface discovery and async operations, making it suitable for both developers looking to enhance their security skills and security engineers aiming to leverage Rust for offensive purposes.

blackarch

2026-03-30 Shell ★ 3289

AI Summary: BlackArch Linux is a penetration testing distribution based on Arch Linux, providing a repository of over 2,800 security tools organized by category. It offers flexible installation options, compatibility with existing Arch setups, and features a Live ISO for immediate testing. The toolset is aimed at penetration testers and security researchers for tasks such as forensics, reverse engineering, and network analysis.


README

Description

BlackArch Linux is an Arch Linux–based penetration testing distribution for penetration testers and security researchers. The repository contains 2850 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installations. For more information, see the installation instructions.

blackbird

2026-03-30 Python ★ 5894

AI Summary: Blackbird is an OSINT tool designed for rapid username and email searches across over 600 platforms, integrating AI-powered profiling for enhanced data analysis. Notable features include community-driven accuracy, smart filters, automated analysis, and the ability to export results as PDF or CSV files. It leverages tools like WhatsMyName to provide low false positive rates while ensuring user privacy during its operations.


README

Blackbird

Blackbird is a powerful OSINT tool that combines fast username and email searches across more than 600 platforms with free AI-powered profiling. By leveraging community-driven projects like WhatsMyName, it ensures low false positive rates and high-quality results. Features include smart filters, polished PDF/CSV exports, and fully automated analysis — all from a single CLI.

BounceBack

2026-03-30 Go ★ 1067

AI Summary: BounceBack is a versatile reverse proxy tool designed to enhance the security of red team operations by obfuscating the command-and-control (C2) or phishing infrastructure from detection by blue teams and security tools. It features a highly customizable filtering system that leverages real-time traffic analysis, extensive blacklists, and support for multiple protocols, enabling precise control over which traffic is allowed or denied. Notable capabilities include malleable C2 profile parsing, comprehensive IP address validation, domain fronting, and a robust logging mechanism for monitoring incoming requests and potential security threats.

breaking-and-pwning-apps-and-servers-aws-azure-training

2026-03-30 CSS ★ 950

AI Summary: The “Breaking and Pwning Apps and Servers on AWS and Azure” repository provides comprehensive, hands-on training for security testers and DevSecOps professionals focusing on vulnerability assessment and penetration testing within cloud environments. It includes structured documentation, setup files for creating student virtual machines, and additional resources to facilitate practical lab experiences in identifying and exploiting security weaknesses in AWS and Azure platforms. The training emphasizes real-world attack scenarios and techniques, making it a valuable resource for professionals aiming to bolster their cloud security expertise.

brutespray

2026-03-30 Go ★ 2394

AI Summary: Brutespray is a credential brute-forcing tool designed to automatically test default credentials against discovered services from various scan outputs, including Nmap and Nessus. It supports over 30 protocols and features capabilities such as multi-auth support, password spray mode, an interactive terminal UI, and resume functionality, allowing for efficient and comprehensive credential testing across networks. The tool is built in Go and offers extensive customization options through YAML configuration files and embedded wordlists.

Bug-Bounty-Methodology

2026-03-30 HTML ★ 857

AI Summary: Bug-Bounty-Methodology is a collection of checklists designed for systematic bug bounty hunting. It covers various security testing scenarios, including 2FA testing, CAPTCHA bypass, CSRF protection, and OAuth misconfiguration, providing comprehensive guidelines for identifying vulnerabilities in web applications. Notable features include a structured compilation of methodologies tailored for different attack vectors and documentation that serves as a practical resource for penetration testers.


README

Bug-Bounty-Methodology

These are my checklists which I use during my bug bounty hunting.

burp-ai-agent

2026-03-30 Kotlin ★ 843

AI Summary: Burp AI Agent is an extension for Burp Suite that enhances security testing workflows by integrating AI capabilities. It supports multiple AI backends, allowing users to run both passive and active vulnerability scans across a wide array of vulnerability classes, while featuring options for privacy settings and audit logging for compliance. Additionally, it can connect to external AI agents via the MCP, enabling autonomous operation and enriching the security analysis process.

Burp-Suite-Certified-Practitioner-Exam-Study

2026-03-30 Python ★ 1357

AI Summary: The Burp Suite Certified Practitioner Exam Study repository contains comprehensive study notes and practical labs designed to aid candidates in preparing for the Burp Suite Certified Practitioner (BSCP) Exam. It includes over 110 labs covering essential topics such as scanning, footholds, privilege escalation, and data exfiltration, alongside practical techniques and scripts tailored for effective web application security testing. Notable features include a structured approach to vulnerability assessment and recommendations for additional training materials and resources to enhance exam readiness.

burpgpt

2026-03-30 Java ★ 2287

AI Summary: BurpGPT is an advanced security extension that integrates with Burp Suite to analyze web traffic using AI-driven techniques, specifically utilizing OpenAI’s models to uncover security vulnerabilities that conventional scanners may overlook. Its notable features include customizable prompts for tailored analysis, automated report generation summarizing potential security issues, and granular control over the analysis parameters. This tool streamlines the vulnerability assessment process, improving the efficiency and accuracy of security professionals while handling the complexities of web application security.

BurpSuite-collections

2026-03-30 HTML ★ 3855

AI Summary: BurpSuite-collections is a repository containing various non-BApp Store plugins for Burp Suite, aimed at enhancing penetration testing capabilities. Notable features include SQL injection detection, automated SSRF vulnerability scanning, and the ability to manage variables within Burp, allowing security professionals to effectively discover and exploit vulnerabilities. The project serves primarily as a resource for learning and research related to Burp Suite plugins.


README

Burp-Suite-collections

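A collection of BurpSuite-related projects; the plugins are mainly ones that are not in the BApp Store.

All localization (Chinese translation) or use of BurpSuite assumes that you have already set up a Java environment!!! Related tutorial

For activating the latest versions (after 202212), refer to this project and sort it out yourself; this project does not provide it.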

buster

2026-03-30 Python ★ 1290

AI Summary: Buster is a comprehensive Open Source Intelligence (OSINT) tool designed for email reconnaissance, capable of gathering social account links, breaches, and associated domains for a given email address. Notable features include the ability to generate potential emails and usernames, verify existing emails, and query various online sources and databases for comprehensive results. The tool is particularly useful for security researchers and investigators needing to gather detailed information on individuals or validate email addresses.

cai

2026-03-30 Python ★ 7659

AI Summary: Cybersecurity AI (CAI) is a robust framework designed for enhancing cybersecurity measures by leveraging artificial intelligence. Its primary use case involves threat detection and incident response, making it suitable for both community and professional environments. Notable features include multi-platform support, advanced token management in the Professional Edition, and real-time performance benchmarks that are accessible for evaluation.


README

Cybersecurity AI (CAI)


caido

2026-03-30 Shell ★ 2232

AI Summary: Caido is a web application auditing tool designed for security professionals and enthusiasts, facilitating efficient and user-friendly assessments of web application security. It features regular software updates, a comprehensive dashboard for managing audits, and a community platform for user support and engagement.


README


👋 Welcome

Welcome to Caido!

Caido aims to help security professionals and enthusiasts audit web applications with efficiency and ease.

cameradar

2026-03-30 Go ★ 4946

AI Summary: Cameradar is a tool designed for scanning RTSP endpoints on authorized targets, utilizing dictionary attacks to discover credentials and stream routes. Its primary use case is to assess the security of RTSP streams by detecting open hosts, identifying device models, and generating comprehensive reports of findings. Notable features include the ability to enumerate multiple RTSP stream routes and credentials through customizable dictionaries, as well as support for Docker for streamlined deployment.

cansina

2026-03-30 Python ★ 906

AI Summary: Cansina is a web content discovery application designed to identify hidden resources in web applications by sending requests and analyzing responses. Its primary use case is for penetration testing, offering features such as data persistence with SQLite, multithreading, customizable headers, and comprehensive filtering options. Notable functionalities include support for multiple wordlists, SSL and proxy capabilities, and integrated tree viewing of results, making it a versatile tool for security professionals.

capsulecorp-pentest

2026-03-30 Ruby ★ 966

AI Summary: Capsulecorp Pentest is a pre-configured virtual network environment designed for learning network penetration testing, utilizing Vagrant and Ansible to deploy five virtual machines, including a Linux attacker and four Windows 2019 servers with vulnerable services. This tool streamlines the setup process, allowing users to quickly launch a fully functional Active Directory domain for educational purposes, with included features like a vulnerable Jenkins server, Apache Tomcat, and Metasploit. Its primary use case is to facilitate hands-on pentesting practice in a controlled environment, enhancing learning efficiency.

CDK

2026-03-30 Go ★ 4596

AI Summary: CDK is a zero dependency container penetration toolkit designed for security testing, enabling stable exploitation across slimmed containers. Its primary use case revolves around container escaping, persistence, and lateral movement within Kubernetes clusters, featuring modules for evaluating container weaknesses, executing various exploits, and providing essential network tools. Notable capabilities include information gathering, direct interaction with the container’s environment, and the ability to initiate and manage attacks seamlessly.


README

CDK - Zero Dependency Container Penetration Toolkit


censys-subdomain-finder

2026-03-30 Python ★ 837

AI Summary: The Censys Subdomain Finder is a command-line tool designed to enumerate subdomains associated with a specified domain using Certificate Transparency logs from Censys. It retrieves subdomains that have ever been issued an SSL certificate by a public Certificate Authority, offering features such as output to a text file and support for API authentication. Notably, users must set up an account with Censys to access the API, as free accounts will face limitations beginning in late 2024.

cent

2026-03-30 Go ★ 1040

AI Summary: Cent is a tool designed to organize community-contributed Nuclei templates, simplifying the process of managing and utilizing these resources for vulnerability scanning. Key features include the ability to clone templates from multiple repositories, validate their integrity, and generate detailed summaries of the templates’ metadata, including statistics on validation and severity distribution. Additionally, Cent supports multi-threading for efficient repository management and offers commands for initializing configurations, updating templates, and accessing versioning information.

changeme

2026-03-30 Python ★ 1503

AI Summary: changeme is a default credential scanner designed to identify default and backdoor credentials, with a focus beyond common credentials. It features support for multiple protocols, including HTTP, MSSQL, MySQL, PostgreSQL, SSH, SNMP, and FTP, and allows users to easily configure new credentials via YAML files without code changes. The tool offers flexible target loading options and can run efficiently using Docker, particularly with Redis as a queue backend, making it suitable for diverse scanning tasks across network environments.

Chimera

2026-03-30 PowerShell ★ 1575

AI Summary: Chimera is a PowerShell obfuscation script designed to evade detection and AMSI mechanisms by transforming potentially malicious PowerShell scripts into less recognizable forms. Its primary use case is for penetration testing and research into bypassing antivirus signatures, utilizing advanced techniques like string substitution and variable concatenation. Notable features include the capability to digest and obfuscate known malicious scripts while effectively bypassing security detection tools, thereby demonstrating the vulnerabilities in existing AV signatures.

Ciphey

2026-03-30 Python ★ 21284

AI Summary: Ciphey is a fully automated tool designed for decryption, decoding, and cracking of encoded data, leveraging natural language processing and artificial intelligence techniques. Its primary use case is to assist cybersecurity professionals and enthusiasts in deciphering encrypted messages and files without requiring prior knowledge of the encryption methods used. Notable features include support for various installation methods (Python, Docker, MacPorts, Homebrew) and a user-friendly interface that simplifies the decryption process.

clairvoyance

2026-03-30 Python ★ 1413

AI Summary: Clairvoyance is a tool designed to extract GraphQL API schemas even when introspection is disabled, thereby facilitating schema discovery in environments such as production where introspection is typically forbidden. It outputs the schema in a JSON format compatible with other visualization and analysis tools, and it can be easily installed via pip or Docker, allowing users to customize their schema extraction processes using various wordlists.


README

Clairvoyance

Obtain GraphQL API schema even if the introspection is disabled.

ClatScope

2026-03-30 Python ★ 1429

AI Summary: ClatScope is an advanced OSINT tool designed for comprehensive online reconnaissance, catering to investigators and cybersecurity professionals. It consolidates data from multiple APIs to deliver insights on IP addresses, domains, emails, and personal data, while offering features such as username verification across numerous platforms, phone number validation, and email security checks. ClatScope Mini provides a simplified version for quick operations without API configuration, making it accessible for immediate use.

claude-bug-bounty

2026-03-30 Python ★ 1282

AI Summary: Claude Bug Bounty is an AI-powered agent harness tailored for professional bug bounty hunting, enabling users to streamline their testing processes. It intelligently orchestrates over 25 tools, remembers past findings across targets, validates vulnerabilities to reduce false positives, and generates ready-to-submit reports in under a minute. Notable features include Burp MCP integration for live traffic monitoring and an autonomous hunting mode that simplifies the testing workflow.


README

v3.0.0

Claude Bug Bounty

The AI-Powered Agent Harness for Professional Bug Bounty Hunting

Your AI copilot that sees live traffic, remembers past hunts, and hunts autonomously.

Cloakify

2026-03-30 Python ★ 1654

AI Summary: CloakifyFactory is a tool designed for text-based steganography that transforms any file type into a list of innocuous strings, enabling covert data exfiltration and infiltration while evading detection by data loss prevention systems and analysts. Key features include the ability to cloak various file formats, social engineering capabilities to mislead security reviews, and the option to add noise for enhanced resistance against frequency analysis. It serves as an educational tool for introducing concepts of cryptography and steganography, though it is not secure for sensitive data without prior encryption.

cloud_enum

2026-03-30 Python ★ 2048

AI Summary: cloud_enum is a multi-cloud OSINT tool designed for the enumeration of public resources across AWS, Azure, and Google Cloud Platform. Its notable features include the ability to identify open and protected cloud resources, such as S3 buckets, Azure storage accounts, and Firebase databases, utilizing customizable keyword inputs for comprehensive scanning. Although currently less maintained, the tool is positioned for migration to the Nuclei framework for improved functionality and community contributions.

CloudBrute

2026-03-30 Go ★ 1109

AI Summary: CloudBrute is a reconnaissance tool designed for uncovering infrastructure, files, and applications across major cloud providers, including Amazon, Google, Microsoft, and others. Its primary use case targets bug bounty hunters, red teamers, and penetration testers, providing features such as black-box detection, user-agent and proxy randomization, and modular customization to facilitate efficient cloud enumeration and vulnerability assessment without requiring authentication.


README

CloudBrute

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike.

CloudFail

2026-03-30 Python ★ 2532

AI Summary: CloudFail is a reconnaissance tool designed to uncover the origin server of targets protected by Cloudflare by utilizing three distinct attack phases: misconfigured DNS scans, querying the Crimeflare database, and brute-forcing over 2500 subdomains. The tool operates through Tor to maintain anonymity while performing these scans, making it particularly useful for security researchers conducting penetration tests or academic inquiries. Key features include seamless integration with Tor for privacy, a focus on potential DNS misconfigurations, and an easy-to-use scanning interface.

collection-document

2026-03-30 ★ 2101

AI Summary: The Collection Document repository is a curated compilation of quality safety articles aimed at enhancing knowledge in various cybersecurity domains. Its primary use case includes providing resources on topics such as penetration testing, threat detection, cloud security, and personal security, among others. Notable features of the collection include links to deep dives into specialized security areas, ongoing updates, and insights into modern security solutions like AI safety and zero trust architecture.

commix

2026-03-30 Python ★ 5694

AI Summary: Commix is an open-source penetration testing tool designed for automating the detection and exploitation of command injection vulnerabilities in web applications. It supports multiple Python versions and includes extensive documentation with usage examples, facilitating ease of deployment and operation for security professionals. Notable features include comprehensive exploitation capabilities and a user-friendly interface for navigating various commands and options.


README

CommixProject


Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos (@ancst), that automates the detection and exploitation of command injection vulnerabilities.

conti-pentester-guide-leak

2026-03-30 Batchfile ★ 1075

AI Summary: The “conti-pentester-guide-leak” repository serves as an archive for leaked pentesting materials associated with the Conti ransomware group, providing insights into their methodologies and tools. It includes guides on a variety of techniques such as data exfiltration, network exploitation, and the usage of tools like Metasploit and Cobalt Strike. This material is aimed at enhancing pentesting skills for security professionals and aiding defenders in detecting and mitigating similar attacks, while emphasizing its usage for educational purposes only.

Cr3dOv3r

2026-03-30 Python ★ 2104

AI Summary: Cr3dOv3r is a Python-based tool designed for detecting credential reuse vulnerabilities by querying public data leaks and verifying whether compromised credentials can access popular websites. Its notable features include integration with the Have I Been Pwned API for leak search and functionality to test the validity of leaked passwords against various online platforms while detecting CAPTCHA prompts. This tool is particularly useful for penetration testing and security assessments.

Cracker-Tool

2026-03-30 Python ★ 883

AI Summary: Cracker-Tool is a multifunctional hacking and penetration testing toolbox designed for Termux users, featuring a variety of capabilities including IP tools, subdomain scanning, DDoS attacks, SQL injections, and more. Notable functionalities include Cloudflare bypass for DDoS, identity generators, and a variety of administrative tools, making it a comprehensive resource for security testing. The tool is implemented in Python and Bash, emphasizing ease of installation and set up within the Termux environment.

CrossLinked

2026-03-30 Python ★ 1488

AI Summary: CrossLinked is a LinkedIn enumeration tool that leverages search engine scraping to extract valid employee names from targeted organizations, enabling enumeration without the need for API keys or direct LinkedIn access. It supports customizable naming conventions for output formatting and offers features like proxy rotation and the ability to parse data into both text and CSV files. This tool is particularly useful for security researchers and penetration testers looking to gather information about potential targets.

CTF

2026-03-30 Python ★ 2454

AI Summary: The Crypto-Cat/CTF repository serves as a comprehensive resource for Capture The Flag (CTF) challenges, offering write-ups, scripts, and files aligned with video walkthroughs. Its primary use case is to aid users in learning and solving various CTF challenges through curated links to additional resources, including pentesting and reverse engineering tools. Notable features include an extensive directory of CTF platforms, resources for blue team activities, and a collection of cybersecurity educational content.

CTF-notes

2026-03-30 HTML ★ 785

AI Summary: The CTF-notes repository provides a comprehensive collection of resources and structured notes aimed at aiding individuals in preparing for Capture The Flag (CTF) competitions and penetration testing exams, such as the OSCP. It includes detailed checklists, exploitation techniques for various platforms, vulnerability payloads, and methodologies for offensive security. Noteworthy features include organized sections for post-exploitation tactics, memory forensics, and specific vulnerabilities, alongside a dedicated cheat sheet repository for quick reference during assessments.

ctfr

2026-03-30 Python ★ 2090

AI Summary: CTFR is a tool designed to extract subdomains from HTTPS websites by leveraging Certificate Transparency logs, rather than employing conventional dictionary or brute-force attacks. Its primary use case is for cybersecurity professionals and researchers to quickly enumerate subdomains for a given target domain, with features that allow output to a specified file. The tool is straightforward to install and run, requiring only Python and pip, and offers a simple command-line interface for usage.

CTFs

2026-03-30 C ★ 813

AI Summary: CTFs is a repository containing write-ups and resources for various Cyber Capture The Flag (CTF) challenges. It offers a comprehensive cheat sheet detailing strategies and techniques across diverse categories, including forensics, binary exploitation, web challenges, and cryptography. Notable features include curated educational resources, practice sites, and a web mirror for easy access.


README

CTFs

Writeups / Files for some of the Cyber CTFs that I’ve done

I’ve also included a list of CTF resources as well as a comprehensive cheat sheet covering tons of common CTF challenges

cve

2026-03-30 HTML ★ 7648

AI Summary: The CVE PoC tool aggregates nearly every publicly available Proof-of-Concept (PoC) for Common Vulnerabilities and Exposures (CVEs), providing a comprehensive database of exploits for security professionals. It employs automated workflows to scrape and validate CVE details from various sources, including GitHub and HackerOne reports, while also allowing users to browse, search, and monitor PoCs for specific vulnerabilities. Noteworthy features include real-time updates, easy-to-read markdown documentation, and the ability to generate GitHub badges for affected software versions.

CVE-2021-44228-PoC-log4j-bypass-words

2026-03-30 Java ★ 950

AI Summary: The CVE-2021-44228-PoC-log4j-bypass-words tool demonstrates various methods to exploit the Apache Log4j vulnerability, specifically focusing on bypassing WAF protections and patched versions. It provides multiple techniques, including the use of system environment variables, case manipulation, and invalid Unicode to obfuscate the exploit strings. Notable features include dynamic manipulation of Java naming lookups and the ability to use non-existent lookups for stealthy exploitation attempts.


README


🐱‍💻 ✂️ 🤬 LOG4J Java exploit - WAF and patches bypass tricks

📝 Description

CVE-2021-44228 works on:

CyberSecurity

2026-03-30 Python ★ 1481

AI Summary: The CyberSecurity repository offers a comprehensive collection of resources and tools aimed at individuals interested in cybersecurity, encompassing a wide range of topics from security models and threat identification to practical tools for ethical hacking. Notable features include a curated list of command-line and graphical user interface tools for pentesting, along with educational content covering ethical and legal aspects, security frameworks, and network fundamentals. This repository serves as a valuable reference for both newcomers and experienced professionals in the cybersecurity domain.

cybersecurity-career-path

2026-03-30 ★ 2025

AI Summary: The cybersecurity-career-path repository provides a comprehensive guide to various career trajectories within cybersecurity, detailing essential skills, training, and resources for both offensive and defensive roles. Notable features include a structured overview of job titles, practical utilities, and a free platform called Career Coach for personalized career advancement. It serves as a valuable resource for individuals at any stage of their cybersecurity journey.


README

ROADMAP

UPDATE: We’ve expanded our repository with complete career paths, essential skills training, and a ton of practical utilities and materials named Career Coach; all available for free! Whether you’re just starting out or looking to level up, enroll in any career path at no cost, keep progressing, and fuel your professional growth with these comprehensive tools designed to help you succeed. Check out our app for seamless access and personalized guidance!

Cybersecurity Career Path ⬆️

Cybersecurity-Projects

2026-03-30 Python ★ 1342

AI Summary: The Cybersecurity Projects repository offers a collection of 67 hands-on projects spanning from beginner to advanced levels, designed to enhance practical skills in cybersecurity. It includes structured certification roadmaps for various roles within the field, as well as a comprehensive array of learning resources such as tools, courses, and frameworks for cybersecurity professionals. Notable features include the full source code availability for projects, covering diverse topics like port scanning, keylogging, and encryption techniques.

CyberStrikeAI

2026-03-30 Go ★ 3117

AI Summary: CyberStrikeAI is an AI-integrated security testing platform developed in Go, designed for automated vulnerability discovery and attack-chain analysis. It features a vast integration of over 100 security tools, AI-driven orchestration, role-based testing, and lifecycle management to create a collaborative and auditable environment for security teams. Notable features include a web console, AI decision engine with OpenAI compatibility, detailed vulnerability management, and a comprehensive knowledge base for enhanced security expertise.

Damn-Vulnerable-Bank

2026-03-30 Java ★ 739

AI Summary: Damn Vulnerable Bank is an intentionally vulnerable Android application designed to educate users on security flaws in banking apps. Its primary use case is for security professionals and developers to explore various vulnerabilities, such as root detection and insecure storage, by interacting with features like user registration, fund transfers, and transaction history. Notable features include fingerprint and PIN verification for transactions, as well as a gamified approach to discovering hidden vulnerabilities within the app.

DataSurgeon

2026-03-30 Rust ★ 884

AI Summary: DataSurgeon is a comprehensive tool for extracting sensitive information pertinent to incident response, DLP, penetration testing, and CTF challenges. It supports extraction of a wide range of data types—including emails, credit cards, URLs, and various hashes—across multiple operating systems, and features a plugin management system that allows users to extend its functionality. Notable features include recursive file analysis, CSV output capabilities, and multi-platform support enabling usage on Windows, Linux, and macOS.

DDexec

2026-03-30 Shell ★ 881

AI Summary: DDexec is a sophisticated tool designed for executing binaries by manipulating existing processes on Linux systems, utilizing memory hijacking techniques. Its notable features include the ability to run machine code directly, support for various shells, and the option to replace traditional file access methods with alternative seeking tools, which can obfuscate executable detection. The utility’s architecture minimizes dependencies, enhancing performance and potentially expanding compatibility to platforms like Android.

DeathStar

2026-03-30 Python ★ 1625

AI Summary: DeathStar is a Python script designed to automate the exploitation of misconfigurations within Active Directory environments to attain Domain and Enterprise Admin rights by leveraging the RESTful API of the Empire framework. Notable features include a plugin system for extensibility, support for multiple Active Directory domains and forests, real-time adaptive monitoring during attacks, and a fully asynchronous operation model. This tool aims to provide a comprehensive solution for demonstrating prevalent Active Directory vulnerabilities in a reliable and non-disruptive manner.

Decepticon

2026-03-30 Python ★ 941

AI Summary: Decepticon is a Vibe Hacking agent designed to streamline the red teaming process by utilizing AI to automate repetitive tasks such as scanning, service enumeration, and executing multi-stage attacks. Its primary use case is in penetration testing, where it simulates real-world attack scenarios to evaluate an organization’s security posture effectively. Notable features include the ability to handle the full kill chain, integrate with AI API keys, and operate within a Docker environment for ease of deployment.

DedSec

2026-03-30 Python ★ 930

AI Summary: The DedSec Project is an educational toolkit designed for Android using Termux, integrating various scripts, utilities, and local web interfaces to facilitate learning about cybersecurity tools and workflows. It aims to enhance users’ understanding of defensive awareness through practical exercises and organized scripts, while supporting both English and Greek interfaces. Notable features include a comprehensive installation guide, diverse categories of tools, and a focus on educational usage, including personal information capture and simulated environments.

DefaultCreds-cheat-sheet

2026-03-30 Python ★ 6444

AI Summary: The Default Credentials Cheat Sheet is a tool designed for penetration testers and blue teamers, providing a comprehensive repository of default login credentials for various products to aid in security assessments. Notable features include a searchable database of over 3,700 default credentials, the ability to export results for use in brute force attacks, and automated updates to maintain current data. The tool is easily installable via pip and supports operations across multiple operating systems.

Dictionary-Of-Pentesting

2026-03-30 Shell ★ 2036

AI Summary: The Dictionary-Of-Pentesting is a comprehensive collection of dictionaries designed for penetration testing, vulnerability discovery, brute force attacks, and fuzzing. It categorizes resources such as authentication, file paths, ports, domains, and various default credentials, and continuously expands its listings to include regex patterns, user credentials, and application-specific payloads. Notable features include a broad range of default password lists, HTTP parameter enumeration, and the inclusion of specific patterns for cloud services and common vulnerabilities.

dirhunt

2026-03-30 Python ★ 1985

AI Summary: Dirhunt is a web crawling tool designed to search for and analyze directories on web servers, identifying interesting content even when directory listings are disabled. It efficiently detects false 404 errors and empty index files while minimizing server requests, supporting features such as multiple site processing, detection of redirectors, and integration with various data sources for enhanced directory discovery. The tool is aimed at audit teams and is intended for use on owned or authorized servers only.

dirmap

2026-03-30 Python ★ 3359

AI Summary: Dirmap is an advanced web directory scanning tool designed for comprehensive directory discovery and vulnerability assessment, surpassing the capabilities of tools like DirBuster and Dirsearch. Its notable features include support for concurrent scanning across multiple targets and payloads, recursive scanning with customizable status code triggers, dynamic dictionary creation through web crawling, and extensive configuration options for request handling and response processing. This makes Dirmap particularly effective for security professionals conducting thorough penetration testing and vulnerability assessments on web applications.

discover

2026-03-30 Shell ★ 3834

AI Summary: Discover is a customizable suite of bash scripts designed to automate various tasks in penetration testing, including recon, scanning, enumeration, and malicious payload creation with Metasploit, ideal for use on Kali Linux or Ubuntu systems. Notable features include multiple reconnaissance options for domains and persons, automated scanning tools that utilize Nmap and other utilities, and web application testing facilities incorporating tools like Nikto and SSL analysers. The tool simplifies complex penetration testing workflows through an organized menu structure, enabling swift task execution.

DllShimmer

2026-03-30 Go ★ 728

AI Summary: DllShimmer is a tool designed to facilitate DLL hijacking by allowing users to backdoor any function in a DLL without disrupting the normal operation of the host program. It generates proxy DLLs through a boilerplate C++ file and a corresponding .def file, ensuring that all exported functions maintain their original names and ordinal numbers, thus avoiding detection. Key features include support for both dynamic and static linking, the option to prevent multiple executions of the backdoor, and comprehensive debug logging capabilities.

dnsgen

2026-03-30 Python ★ 1055

AI Summary: DNSGen 2.0 is an advanced DNS name permutation engine tailored for security researchers and penetration testers, facilitating subdomain discovery and security assessments through the generation of intelligent domain name variations. Notable features include a smart domain name permutation engine, support for custom wordlists, multiple sophisticated permutation techniques such as word affixing and cloud-specific patterns, and integration capabilities with tools like MassDNS for efficient domain resolution.


README

DNSGen 2.0 - Advanced DNS Name Permutation Engine 🚀


DogeRat

2026-03-30 ★ 1871

AI Summary: DogeRat is an advanced Android remote administration tool (RAT) that enables real-time control over Android devices through a Telegram-based interface without the need for port forwarding. Notable features include the ability to send and receive messages, capture multimedia, access location data, manage contacts, and utilize keylogger functionality, with additional capabilities available in its paid version, such as encryption and undetectable injections. The tool is intended solely for educational purposes and boasts a comprehensive set of functionalities for thorough device management.

domloggerpp

2026-03-30 JavaScript ★ 783

AI Summary: DOMLoggerpp is a browser extension designed for monitoring, intercepting, and debugging JavaScript sinks through customizable configurations. It features regex-based domain management, flexible hooking options, on-demand debugging breakpoints, a dynamic notification system, and an integrated Devtools log panel for enhanced log management and filtering. This tool is especially useful for developers and security professionals looking to analyze and debug JavaScript execution flows within web applications.


README


A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

Dorks-collections-list

2026-03-30 ★ 2562

AI Summary: Dorks-collections list is a comprehensive repository that aggregates various search engine dorks tailored for cybersecurity professionals, penetration testers, and researchers. It features organized links to dork lists across multiple platforms such as Google, Shodan, and GitHub, facilitating targeted searches for sensitive data and vulnerabilities. Notable features include specific sections for different types of dorks, including those for detecting sensitive files, SQL injection vulnerabilities, and administrative panels, alongside automation tools and browser extensions for streamlined usage.

dradis-ce

2026-03-30 Ruby ★ 789

AI Summary: Dradis is an open-source collaboration framework designed for automated penetration testing report generation, enabling InfoSec teams to streamline reporting processes by importing data from various security tools like Burp Suite and Nessus. Its notable features include platform independence, markup support for notes, and a powerful extensions interface that enhances flexibility and usability. Dradis aims to generate consistent and professional pentest reports while minimizing manual efforts, thereby allowing teams to focus on analysis and recommendations.

dronesploit

2026-03-30 Python ★ 1880

AI Summary: DroneSploit is a command-line interface framework designed for penetration testing of light commercial drones, leveraging techniques and exploits similar to Metasploit. It allows users to interactively conduct security assessments on drone systems, with features that include a variety of modules for specific drone payload alterations such as changing passwords or SSIDs. The framework’s structure facilitates easy extension and integration of new hacking techniques.


README

DroneSploit

Easily pentest drones.

DumpsterFire

2026-03-30 Python ★ 1034

AI Summary: The DumpsterFire Toolset is a cross-platform, modular tool designed for creating automated, time-delayed security events suitable for both Red and Blue Team exercises. Its primary use case is to facilitate realistic cyber incident simulations and training by allowing users to build customizable event chains that can generate network and filesystem artifacts, enhancing incident response capabilities. Notable features include dynamic extensibility for adding custom event modules, a menu-driven interface for ease of use, and the ability to run exercises in a controlled manner without direct supervision.

EggShell

2026-03-30 Objective-C ★ 1745

AI Summary: EggShell is a post-exploitation surveillance tool developed in Python, designed for establishing command line sessions on target machines with extended functionalities. Notable features include file uploading/downloading, tab completion, command execution, photo capturing, and device location tracking, with enhanced security through SSL and support for Linux and iOS in version 3.0.0. This tool serves as a proof of concept for penetration testing on devices that users own.


README

EggShell

About

EggShell is a post-exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This project is a proof of concept, intended for use on machines you own.

elpscrk

2026-03-30 Python ★ 928

AI Summary: Elpscrk is an intelligent password generation tool designed to create permutations based on user-provided information about a target, effectively generating potential passwords through statistical methodologies. It offers six complication levels ranging from simple to highly complex, enabling tailored password generation based on the user’s customization needs. Notably, Elpscrk is memory efficient and capable of producing up to one million password combinations, making it a powerful option for password profiling and security analysis.

emploleaks

2026-03-30 Python ★ 771

AI Summary: EmploLeaks is an Open Source Intelligence (OSINT) tool that facilitates the gathering of employee information from companies, primarily utilizing LinkedIn to extract employee lists and personal email addresses. Notable features include the ability to search a custom COMB database for leaked passwords using the retrieved emails, and an extension for identifying personal code repositories on GitLab. The tool requires Python for installation and offers a user-friendly command-line interface for executing its functionalities.

enum4linux-ng

2026-03-30 Python ★ 1559

AI Summary: enum4linux-ng is an advanced enumeration tool designed for extracting information from Windows and Samba systems, primarily targeted at security professionals and CTF participants. It builds on the capabilities of the original enum4linux by incorporating enhanced output parsing, allowing for findings to be exported in YAML or JSON formats, and implementing features such as multiple authentication methods, smart enumeration, and support for both IPv6 and SMBv1.


README

enum4linux-ng

A next generation version of enum4linux

espoofer

2026-03-30 Python ★ 1684

AI Summary: espoofer is an open-source tool designed to assess vulnerabilities in email systems related to SPF, DKIM, and DMARC authentication protocols. It aims to aid mail server administrators and penetration testers in identifying potential weaknesses that could be exploited for email spoofing attacks. Notable features include three operational modes—server, client, and manual—that facilitate comprehensive testing of both sending and receiving services.


README

espoofer

espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails.

Ethical-Hacking-Labs

2026-03-30 ★ 3435

AI Summary: Ethical Hacking Labs is a comprehensive educational resource designed for students and professionals in the cybersecurity field, providing a hands-on approach to learning ethical hacking techniques. It includes a series of tutorials that cover essential topics such as networking, system administration, and various ethical hacking methodologies, from basic to advanced practices. Notable features include practical labs, foundational modules on core knowledge, and guidance on using tools like Metasploit, Maltego, and Recon-ng for effective penetration testing and reconnaissance.

evil-winrm

2026-03-30 Ruby ★ 5307

AI Summary: Evil-WinRM is a versatile Ruby-based tool designed for penetration testing that facilitates remote command execution via Windows Remote Management (WinRM) protocol. It supports advanced features such as in-memory script and DLL execution, pass-the-hash and Kerberos authentication, SSL, and customizable logging, making it particularly effective for post-exploitation scenarios. The tool is compatible with both Linux and Windows clients, providing a robust interface for querying and managing remote Windows systems while bypassing some antivirus defenses.

evillimiter

2026-03-30 Python ★ 1928

AI Summary: Evil Limiter is a network management tool designed to monitor, analyze, and control the bandwidth of devices on a local network without needing physical or administrative access. Utilizing ARP spoofing and traffic shaping techniques, it enables users to throttle upload and download speeds for specific hosts, block internet connections, and manage network resources effectively through a command-line interface. Notable features include automatic network configuration detection, the ability to scan IP ranges, and manage hosts dynamically with various commands for limiting and unblocking access.

EvilOSX

2026-03-30 Python ★ 2400

AI Summary: EvilOSX is a Remote Administration Tool (RAT) designed for macOS that enables stealthy monitoring and control of compromised systems. It boasts features such as terminal emulation, module extensibility, and the ability to retrieve sensitive user data like passwords and iCloud tokens, all while remaining undetected by antivirus solutions through encrypted payloads. Additionally, it includes functionalities for taking screenshots, recording audio, and executing local privilege escalation attempts, making it a potent tool for unauthorized system access and data exfiltration.

evilwaf

2026-03-30 Python ★ 739

AI Summary: EvilWAF is a sophisticated transparent MITM Firewall bypass proxy and deep WAF vulnerability scanner designed for authorized security testing purposes. It operates at the transport layer, allowing seamless integration with various security tools while employing advanced techniques such as TCP and TLS fingerprint rotation, source port manipulation, and automated WAF detection to evade defensive mechanisms. Notable features include a comprehensive multi-layer WAF scanning capability, direct origin bypass, and a robust IP rotation strategy through Tor and proxy pools, ensuring effective assessment of firewall vulnerabilities.

Exegol

2026-03-30 Python ★ 2965

AI Summary: Exegol is a modular cybersecurity environment tailored for offensive security professionals, addressing traditional security distribution challenges. Its primary use case is for hackers and security experts who require a reliable toolkit for field operations. Notable features include its customizable structure and community-driven design, enhancing usability and effectiveness in practical cybersecurity applications.


README

Exegol is a comprehensive cybersecurity environment designed by offensive security experts, for fellow hackers, with its community. It solves the common pain points of traditional security distributions by providing a modular and reliable toolkit that’s made for the field.

exploitnotes

2026-03-30 HTML ★ 794

AI Summary: Exploit Notes is a comprehensive resource platform designed for security research, focusing on hacking techniques and tools applicable to penetration testing, bug bounty programs, and Capture The Flag (CTF) challenges. It encompasses a wide array of topics including reconnaissance, various operating systems, web applications, databases, networks, and emerging technologies such as AI and blockchain. Users can leverage this repository for educational purposes, with the option to run it locally via a straightforward setup process.

eyeballer

2026-03-30 Python ★ 1280

AI Summary: Eyeballer is a tool designed for large-scope network penetration testing, specifically aimed at identifying potentially vulnerable web hosts from a vast collection of screenshots. It employs machine learning to classify sites into categories such as “Old-Looking Sites,” “Login Pages,” and “Parked Domains,” allowing users to prioritize targets based on their likelihood of containing vulnerabilities. Notable features include support for GPU usage, a user-friendly setup process, and integration with popular screenshotting tools like EyeWitness and GoWitness.

f8x

2026-03-30 Shell ★ 2106

AI Summary: f8x is an automated deployment tool focused on Infrastructure as Code (IaC) that leverages Terraform and Wails to facilitate multi-cloud deployment and project orchestration. Its primary use case includes setting up various environments for Red/Blue team operations, providing options for batch installations of essential tools, and deploying specific environments such as CTFs and middleware with minimal dependencies. Notable features include a variety of installation options for development and pentesting environments, and full compatibility with multiple Linux distributions.

faraday

2026-03-30 Python ★ 6311

AI Summary: Faraday is an open-source vulnerability management tool designed to facilitate the organization, aggregation, and visualization of security data in a multiuser environment. Its primary use case is to streamline vulnerability discovery and management by integrating various community tools while providing insightful visualizations for both managers and analysts. Notable features include its command-line interface for direct terminal access, support for multiple installation methods (including Docker and PyPi), and the ability to automate scanning tools within CI/CD pipelines.

FBI-tools

2026-03-30 ★ 2443

AI Summary: FBI-tools is a comprehensive Open Source Intelligence (OSINT) toolkit featuring a variety of tools for analysts to gather and analyze data from multiple online sources. Its notable features include domain squatting detection with SquatSquasher, web reconnaissance capabilities with reNgine, and efficient user account searches across platforms using UsernameSearchOSINT. Additionally, the collection encompasses specialized tools for investigating social media, phone numbers, and dark web intelligence, streamlining the OSINT process.

FilelessPELoader

2026-03-30 C++ ★ 1025

AI Summary: FilelessPELoader is a tool designed to load and execute AES-encrypted Portable Executable (PE) files directly into memory, bypassing the need for traditional file storage. Its primary use case is to facilitate stealthy execution of payloads in memory, enhancing evasion techniques commonly utilized in cybersecurity attacks. Notable features include the ability to decrypt the PE file in-memory and execute it without leaving traces on disk.


README

FilelessPELoader

Loads a remote AES-encrypted PE into memory, decrypts it, and runs it.

FinalRecon

2026-03-30 Python ★ 2681

AI Summary: FinalRecon is an automated web reconnaissance tool designed to efficiently gather comprehensive information about a target in a short time, maintaining high accuracy without the overhead of multiple dependencies. Notable features include detailed data collection on headers, WHOIS, SSL certificate information, DNS enumeration, subdomain and directory enumeration, web crawling, and a port scanning functionality, all in one compact solution. This tool is especially useful for OSINT practitioners seeking quick and reliable data during the reconnaissance phase of security assessments.

Firecrack

2026-03-30 ★ 770

AI Summary: Firecrack is a multi-functional penetration testing tool designed for exploiting vulnerabilities in websites and Facebook accounts. Its primary use cases include executing brute force attacks on Facebook accounts, finding administrative panels, performing Bing dorking for domain collection, and facilitating website defacement using the file upload method. Notable features include the ability to conduct random attacks on multiple Facebook accounts and an integrated admin finder tool.


README

Firecrack :fire:

What is Firecrack? Firecrack is a set of tools for testing websites and Facebook accounts. It can run tests against hundreds of Facebook accounts using random accounts and a random wordlist, and it includes website-testing tools such as an admin finder, defacement via the file upload method, and Bing dorking, which is useful when you need to collect a lot of domains.
More tools: :point_down:

Firecrack features:

flask-session-cookie-manager

2026-03-30 Python ★ 769

AI Summary: Flask Session Cookie Manager is a Python tool that encodes and decodes Flask session cookies, facilitating easier management of session data. It offers commands for encoding session information into a cookie format and decoding existing cookies back into a readable structure, with support for both Python 2 and 3. Notable features include optional secret key usage for secure operations and clear command-line arguments for encoding and decoding tasks.

frida-ios-hook

2026-03-30 JavaScript ★ 1143

AI Summary: Frida iOS Hook is a Python-based tool designed for dynamic analysis and function hooking of iOS applications through Frida. Its primary use case involves tracing classes and functions, modifying method return values, and providing a suite of commands for process manipulation, memory dumping, and API interception. Notable features include support for both spawn and attach modes, an interactive CLI, and extensive options for script execution and device management.

fridare

2026-03-30 Go ★ 751

AI Summary: Fridare is an automation tool for modifying the Frida server on iOS, Android, Linux, and Windows platforms, designed to enhance security and flexibility by allowing users to change server names and ports while bypassing jailbreak detection. The tool features a dual-mode interface, offering both a robust command line and a modern graphical user interface (GUI) based on the Fyne framework, facilitating intuitive server modifications and visual feedback. Notable functionalities include cross-platform support, binary replacement, custom packaging, and dependency management, making it a comprehensive solution for Frida users across different environments.

fsociety

2026-03-30 Python ★ 1705

AI Summary: fsociety is a modular penetration testing framework designed to assist cybersecurity professionals in conducting security assessments. Notable features include a command-line interface with options for retrieving information and suggesting tools, as well as support for installation via pip and Docker. The framework’s modular approach allows users to integrate various tools for comprehensive security testing.


README

fsociety-team/fsociety

fsociety

fsociety

2026-03-30 Python ★ 11949

AI Summary: Fsociety is a comprehensive penetration testing framework designed to provide a wide array of hacking tools utilized in the Mr. Robot series. It features modules for information gathering, password attacks, wireless testing, exploitation, web hacking, and post-exploitation, all implemented in Python 2, with detailed installation instructions for various platforms, including Docker support. Notable tools included are Nmap, sqlmap, WPScan, and several others tailored for diverse security testing scenarios.

fuxploider

2026-03-30 Python ★ 3305

AI Summary: Fuxploider is an open-source penetration testing tool designed to automate the detection and exploitation of vulnerabilities in file upload forms. Its primary use case is to identify permissible file types and effectively upload web shells or malicious files to targeted web servers using optimized techniques. Notable features include support for Python 3.6 and the ability to utilize Docker for installation, providing flexibility across different environments.


README

fuxploider

fuzzDicts

2026-03-30 Python ★ 8278

AI Summary: fuzzDicts is a comprehensive web penetration testing dictionary tool designed for security professionals to enhance fuzzing and brute-force attacks. It features an extensive collection of payloads, username lists, and weak password dictionaries, regularly updated to include specific vulnerabilities across different systems, including Unix and Windows. Notable features include categorized dictionaries for remote code execution, XSS attacks, and various common website directories, making it a valuable resource for security testing and exploitation.

Galaxy-Bugbounty-Checklist

2026-03-30 ★ 1790

AI Summary: Galaxy Bugbounty Checklist is a comprehensive tool designed to aid bug bounty hunters by providing an organized and detailed checklist of security assessment techniques. It includes specific references for various testing methodologies such as Account Takeover, CSRF Bypass, and OSINT, making it an essential resource for systematic vulnerability evaluation. Notable features include its structured format and accessibility for users to seek assistance directly through the provided contact.


README

Notes

  • Trying to make the best Bug Bounty Checklist.
  • All checklists come with references.
  • Feel free to contact me at maximus0xday [at] gmail if you have any questions.
Galaxy-Bugbounty-Checklist

To do list:

Garud

2026-03-30 Shell ★ 804

AI Summary: Garud is an automation tool designed for reconnaissance, specifically targeting sub-domain enumeration and vulnerability scanning for injection points such as XSS, SSRF, and SSTI. It integrates multiple popular bug bounty tools, including Assetfinder, Subfinder, and Nuclei, to streamline the scanning process, outputting results systematically while notifying the user upon completion. Notable features include the ability to filter and identify low-hanging vulnerabilities, along with systematic data collection and reporting functionalities.

getJS

2026-03-30 Go ★ 860

AI Summary: getJS is a command-line tool and Go package designed for extracting JavaScript sources from URLs and HTTP responses, catering primarily to penetration testers, bug bounty hunters, and developers. Its notable features include customizable request options, support for input from files, and the ability to resolve relative URLs, enhancing the efficiency of JavaScript extraction processes.


README

JavaScript Extraction CLI & Package

This is a powerful tool for extracting JavaScript sources from URLs and web pages / HTTP responses. It offers a command-line interface (CLI) for straightforward URL processing and a package interface for custom integrations, making it ideal for pentesters, bug bounty hunters, and developers needing to extract JS sources efficiently.

GhostTrack

2026-03-30 Python ★ 8289

AI Summary: GhostTrack is an OSINT tool designed for tracking the location or mobile number of targets, facilitating information gathering through various tracking functionalities. Its notable features include IP tracking, phone number tracking, and username tracking across social media platforms, allowing users to collect comprehensive data on their targets. The tool is straightforward to install on Linux or Termux and is continuously updated, with the latest version being 2.2.


README

GhostTrack

A useful tool for tracking a location or mobile number, so it can be classed as an OSINT or information-gathering tool.

Ghostwriter

2026-03-30 Python ★ 1781

AI Summary: Ghostwriter is an open-source platform that streamlines offensive security operations by facilitating report writing, asset tracking, and assessment management. Key features include a robust reporting engine with customizable templates, role-based access controls, and integrations with tools like Mythic C2 and Cobalt Strike for automatic activity logging. The platform enhances collaboration among red teams and consultants by providing a centralized environment to manage client information and generate comprehensive reports in various formats.

github-search

2026-03-30 Python ★ 1474

AI Summary: GitHub Search is a collection of tools designed to perform advanced searches on GitHub repositories using bash, Python, and PHP. It primarily facilitates users in conducting tailored searches across GitHub by leveraging personal access tokens for authentication, enhancing the search capability and efficiency. Notable features include support for multiple scripting languages and a straightforward setup process through environment variable configuration or a tokens file.


README

github-search

A collection of tools to perform searches on GitHub.

github-subdomains

2026-03-30 Go ★ 833

AI Summary: The github-subdomains tool is designed to search GitHub for subdomains related to a specified domain and parse the search results efficiently. Key features include the ability to use multiple GitHub tokens to manage rate limits, an option for extended searches, and customizable output formats for the collected subdomains. This tool is particularly useful for security researchers and analysts looking to identify exposed subdomains for threat assessment or reconnaissance purposes.

gitjacker

2026-03-30 Go ★ 1599

AI Summary: Gitjacker is a tool designed to retrieve git repositories and their contents from web servers where the .git directory has been unintentionally exposed. It effectively extracts repository data even when directory listings are disabled, making it suitable for educational purposes and penetration testing. Notable features include ease of installation via a simple script and the ability to operate in scenarios where access to traditional repository resources is restricted.

Goby

2026-03-30 ★ 1500

AI Summary: Goby is a network security assessment tool designed for efficient vulnerability scanning and comprehensive attack surface analysis of target enterprises. It features over 100,000 rule recognition engines and 200 protocol recognition engines, facilitating identification of various network and software vulnerabilities, along with access to preset account information for more than 1,000 devices. Additionally, Goby supports cross-platform functionality on Windows, macOS, and Linux, and employs a user-friendly interface built with Electron and Vue.

Goohak

2026-03-30 Shell ★ 740

AI Summary: GooHak is an automated tool designed for launching Google hacking queries against specified target domains to uncover vulnerabilities and facilitate enumeration. Its primary use case is to streamline the process of gathering information through tailored search queries, leveraging Google’s search capabilities. Notable features include straightforward command-line usage and dependencies tailored for Linux environments.


README

GooHak

ABOUT:

Automatically launch Google hacking queries against a target domain to find vulnerabilities and enumerate a target.

goscan

2026-03-30 Go ★ 1038

AI Summary: GoScan is an interactive network scanner client designed to automate and provide abstraction over nmap, facilitating host discovery, port scanning, and service enumeration. It is particularly suitable for use in CTFs, OSCP exams, or professional engagements, capable of maintaining scan state in an SQLite database, allowing for asynchronous results upload even in unstable network conditions. Notable features include service enumeration integration with additional tools such as EyeWitness and Hydra, real-time auto-completion, and support for importing data at various stages of the scanning process.

gosearch

2026-03-30 Go ★ 3296

AI Summary: GoSearch is an OSINT tool designed to automate the process of searching for online profiles associated with specific usernames, utilizing concurrency for efficiency. It integrates searches across multiple extensive databases, including 900,000 leaked credentials from HudsonRock and over 18 billion from BreachDirectory, enhancing its capability to detect compromised accounts. Notable features include the ability to filter results for accuracy with the --no-false-positives flag and the option to crack found password hashes using Weakpass, significantly boosting the tool’s effectiveness in cybersecurity investigations.

guardian-cli

2026-03-30 Python ★ 1317

AI Summary: Guardian is an AI-powered penetration testing automation platform designed for enterprise environments, integrating multiple AI providers with extensive security tools to perform intelligent and adaptive security assessments. It features a multi-agent architecture for strategic decision-making, 19 integrated security tools for thorough testing, and enhanced evidence capture for complete traceability of findings. Users must ensure authorized access before conducting tests, adhering to legal and ethical guidelines.


README

🔐 Guardian

AI-Powered Penetration Testing Automation Platform

License: MIT Python 3.11+ Code style: black

HackBrowserData

2026-03-30 Go ★ 13632

AI Summary: HackBrowserData is a command-line utility designed for decrypting and exporting sensitive data, such as passwords, cookies, and browsing history, from various popular web browsers on Windows, macOS, and Linux. Its notable features include support for the latest encryption standards, like AES-256-CBC for Firefox 144 and beyond, and comprehensive compatibility with a wide range of browsers including Google Chrome, Microsoft Edge, and Opera. The tool emphasizes its intended use for security research while disclaiming legal responsibilities associated with its application.

hackdroid

2026-03-30 ★ 1047

AI Summary: HackDroid is a comprehensive collection of penetration testing and security-related applications tailored for Android devices. It organizes applications into diverse categories, including forensics, networking, and cryptography, to facilitate easy access and download, while emphasizing the necessity of root permissions and ethical use cases. Notable features include a wide range of tools for various hacking and security tasks, and guidance for use on secondary devices to mitigate risks.


README

HACKDROID

Hacker-Roadmap

2026-03-30 ★ 1239

AI Summary: The Hacker Roadmap is a comprehensive guide designed to assist individuals at various stages of their cybersecurity journey, from hobbyists to those pursuing certifications or degrees. It outlines multiple pathways tailored to specific goals, such as becoming a bug bounty hunter or quickly entering the cybersecurity workforce. Notable features include structured roadmaps, visual resources, and links to additional hacking aids for both red and blue team strategies.


README

Hacker Roadmap

Are you ready to embark on an electrifying journey into the depths of cybersecurity? Whether you’re eyeing a prestigious certification, gearing up for a Bachelor’s degree, or simply indulging your insatiable curiosity, this roadmap is your ultimate guide to becoming a true hacking virtuoso. But before we dive into the nitty-gritty, let’s set the stage. Are you in it for the thrill, the challenge, or perhaps envisioning a career at the cutting edge of cyber defense? Your motivations will shape the path ahead, so let’s chart a course tailored precisely to your aspirations.

hackerpro

2026-03-30 Python ★ 1785

AI Summary: HackerPro is a comprehensive pentesting toolkit designed for security professionals, offering a wide array of tools for information gathering, password attacks, wireless testing, web hacking, and post-exploitation. Notable features include Nmap for network scanning, sqlmap for SQL injection, and a suite of tools for scanning and exploiting web applications. This tool facilitates multi-faceted penetration testing, making it essential for those engaged in cybersecurity assessments.


README

HackGpt

2026-03-30 Python ★ 808

AI Summary: HackGPT Enterprise is an AI-powered penetration testing platform tailored for enterprise security teams, designed to deliver comprehensive cybersecurity assessments through its advanced AI and machine learning capabilities. Key features include multi-model support for AI engines, automated reporting, robust compliance frameworks, and a cloud-native microservices architecture that enhances performance and scalability. Its tools for zero-day detection, risk intelligence, and extensive reporting ensure that organizations maintain a proactive stance against security threats.

Hacking-Tools

2026-03-30 ★ 1315

AI Summary: Hacking-Tools is a curated collection of penetration testing and ethical hacking utilities, including essential tools from Kali Linux. It is organized into categories such as information gathering, vulnerability analysis, and exploitation tools, facilitating easy navigation and use. Notable features include a featured tool, BugBoard, designed to automate vulnerability detection for bug bounty hunters and security researchers.


README

Hacking-Tools

A curated list of penetration testing and ethical hacking tools, organized by category. This collection includes Kali Linux tools and other notable utilities.


hackingBuddyGPT

2026-03-30 Python ★ 995

AI Summary: HackingBuddyGPT is a tool designed to assist security researchers in leveraging large language models (LLMs) for discovering new attack vectors, enabling efficient penetration testing and security assessments in 50 lines of code or less. Notable features include support for SSH connections to remote targets and local shell execution, enhancing testing capabilities while maintaining awareness of potential risks to live environments. The framework also provides reusable benchmarks for Linux privilege escalation and comparative analyses of multiple LLMs to facilitate optimal usage in security tasks.

HackTools

2026-03-30 TypeScript ★ 6669

AI Summary: HackTools is an all-in-one browser extension designed for offensive security professionals to facilitate web application penetration testing. It consolidates numerous penetration testing tools, including dynamic reverse shell generators, XSS payloads, and SQL injection payloads, allowing users to access critical functions quickly through a user-friendly command palette. The extension aims to enhance efficiency by eliminating the need to search for payloads across various platforms, all accessible within the browser’s DevTools environment.

HackVault

2026-03-30 JavaScript ★ 2023

AI Summary: HackVault is a container repository designed for both defensive and offensive hacking tools. Its primary use case is to centralize and share various hacking utilities, which are intended to be continuously updated with new content over time. Notable features include a structured Wiki section for detailed information and ongoing additions to its arsenal of tools.


README

HackVault

This is a container repository for my defensive/offensive hacks. Go check the Wiki section for more information! Ideally, it’d be continually updated with new interesting stuff over time!

Heroinn

2026-03-30 Rust ★ 708

AI Summary: Heroinn is a cross-platform command-and-control (C2) and post-exploitation framework developed in Rust, designed primarily for research and educational purposes. Notable features include a graphical user interface (GUI), an interactive PTY shell, system information collection, file management with support for large files and resuming broken transfers, and compatibility with multiple operating systems including Windows, Linux, BSD, and macOS, leveraging various communication protocols such as TCP, HTTP, and reliable UDP.

hexstrike-ai

2026-03-30 Python ★ 7757

AI Summary: HexStrike AI is an advanced penetration testing platform that integrates over 150 security tools and more than 12 autonomous AI agents for automated cybersecurity assessment. Its primary use case focuses on cybersecurity automation, employing intelligent decision-making and vulnerability intelligence to optimize attack strategies and resource management. Notable features include real-time dashboards, progress visualization, and a multi-agent architecture that facilitates comprehensive penetration testing and threat analysis.


README


HexStrike AI MCP Agents v6.0

AI-Powered MCP Cybersecurity Automation Platform


HolyTips

2026-03-30 ★ 1989

AI Summary: HolyTips is a comprehensive repository that provides a collection of notes, checklists, and writeups focused on bug bounty hunting and web application security. Its primary use case is to serve as a resource for security researchers and ethical hackers, offering organized information that aids in identifying vulnerabilities. Notable features include structured content that facilitates quick reference and learning in the field of web security assessments.


README

Holy

HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.



HostHunter

2026-03-30 Python ★ 1158

AI Summary: HostHunter is a Python-based tool designed for the discovery and extraction of hostnames linked to specified IPv4 or IPv6 addresses, utilizing OSINT and active reconnaissance methods. It generates comprehensive reports in various formats, including CSV and Nessus, and features capabilities like SSL certificate extraction, hostname validation, and the ability to capture screenshots of target applications. This tool is particularly beneficial for organizations aiming to assess their attack surface effectively.

houdini

2026-03-30 TypeScript ★ 1248

AI Summary: HOUDINI is a comprehensive collection of Docker images designed for network intrusion testing, facilitating offensive security practices. It not only provides extensive listings of tools but also includes pre-defined docker run commands and cheatsheets for ease of use. Additionally, the repository encourages community contributions to expand its toolset, enhancing collaborative development in network security.


README

🐳 HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion

HOUDINI is a curated list of Network Security related Docker Images for Network Intrusion purposes. A lot of images are created and kept updated through our RAUDI repository. Pretty dope, eh?

htshells

2026-03-30 Shell ★ 1078

AI Summary: HTSHELLS is a toolkit that facilitates the deployment of self-contained web shells and various web-based attack vectors by utilizing .htaccess files. Its primary use case is for penetration testing and exploitation, allowing users to execute commands remotely and conduct denial-of-service, information disclosure, directory traversal, and other attacks through a structured directory of attack modules. Notable features include the ability to generate custom .htaccess files for specific attack types and execute commands via query parameters, enhancing flexibility for security assessments.

Information_Collection_Handbook

2026-03-30 ★ 831

AI Summary: The Information Collection Handbook is a comprehensive resource designed for penetration testers, focusing on effective information gathering techniques essential for vulnerability exploitation. It consolidates various methods and tools for domain and subdomain information collection, including online services, browser plugins, and advanced querying techniques, thereby enabling security professionals to uncover assets and vulnerabilities that may otherwise remain hidden. Notable features include detailed sections on Whois queries, DNS historical analysis, and strategies for bypassing content delivery networks (CDNs) to uncover real IP addresses.

Infosec_Reference

2026-03-30 CSS ★ 5925

AI Summary: The InfoSec Reference project serves as a comprehensive resource for individuals seeking to enhance their understanding of Information Security, offering a curated list of techniques, tools, and tactics. Its primary use case revolves around providing a “Yellow Pages” style reference for users to browse and learn about various aspects of infosec, helping them build skills and recall pertinent information. Notably, it encourages community contributions and maintains regular updates, while emphasizing a commitment to ethical practices in cybersecurity.

inql

2026-03-30 Kotlin ★ 1747

AI Summary: InQL is an open-source Burp Suite extension tailored for advanced GraphQL testing, enabling security professionals to effectively identify vulnerabilities within GraphQL APIs. It features a user-friendly interface, robust query manipulation capabilities, and integration with Burp’s existing tools, significantly enhancing the testing process for GraphQL applications.


README

InQL v6.1.2 - Burp Extension for Advanced GraphQL Testing


Interlace

2026-03-30 Python ★ 1287

AI Summary: Interlace is a command-line tool designed to enhance single-threaded applications by enabling multi-threading capabilities, specifically for penetration testing and bug bounty workflows. It supports CIDR and glob notation for target specification and allows users to define multiple parameters such as timeouts, threads, and various command options, facilitating efficient execution across various targets. Notable features include the ability to pipe target lists, utilize multiple proxies, and specify complex command files for diverse testing scenarios.

inventory

2026-03-30 Shell ★ 1528

AI Summary: Inventory is a tool designed for attack surface management of public bug bounty programs, aggregating DNS and web server data from over 800 organizations. Its primary use case is to assist bug bounty hunters in efficiently identifying and monitoring new assets while providing security teams with enhanced visibility into their assets. Notable features include automated data collection and transformation from multiple sources, duplicate program merging, and both passive and active enumeration workflows for comprehensive reconnaissance.

iOS

2026-03-30 ★ 1197

AI Summary: The iOS/macOS penetration testing cheatsheet provides a curated list of tools and resources for conducting security assessments on iOS and macOS applications, including utilities for static analysis, obfuscation, and jailbreak checks. Notable features include links to tools such as MobSF, Frida, and Objection, facilitating the testing of application vulnerabilities across platforms. This repository serves as a comprehensive guide for security professionals looking to enhance their penetration testing workflows on Apple devices.

ipranges

2026-03-30 Shell ★ 1021

AI Summary: IPRanges is a tool that compiles and lists the IP address ranges for various cloud services and platforms, including Google, Amazon, Microsoft, and others. It provides separate text files for IPv4 and IPv6 addresses, categorized into unmerged and merged formats for efficiency. The dataset is updated daily and sourced from publicly available information, making it useful for network management and security configurations.


README

IPRanges

IP Ranges

List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), DigitalOcean, GitHub, Facebook (Meta), Twitter, Linode, Telegram, OpenAI (GPTBot), CloudFlare, Vultr, Apple (Private Relay) and ProtonVPN with daily updates.

jadx-ai-mcp

2026-03-30 Java ★ 1599

AI Summary: JADX-AI-MCP is a fully automated server and plugin designed for analyzing Android APK files via large language models (LLMs) such as Claude, enabling efficient vulnerability discovery, APK analysis, and reverse engineering. Key features include seamless MCP communication and integration with powerful LLMs to enhance static analysis and security assessments within the Android development ecosystem.


README

JADX-AI-MCP (Part of Zin MCP Suite)

⚡ Fully automated MCP server + JADX plugin built to communicate with LLM through MCP to analyze Android APKs using LLMs like Claude — uncover vulnerabilities, analyze APK, and reverse engineer effortlessly.

Java-Deserialization-Cheat-Sheet

2026-03-30 ★ 3172

AI Summary: The Java-Deserialization-Cheat-Sheet is a comprehensive resource designed for penetration testers and researchers focusing on deserialization vulnerabilities across various Java serialization libraries. It provides an extensive overview, including payload generators, exploit techniques, detection methods, and protection strategies across multiple serialization frameworks such as XStream, Jackson, and Kryo. Notably, the repository consolidates critical information and references, aiding professionals in identifying and exploiting Java deserialization weaknesses effectively.


README

Java-Deserialization-Cheat-Sheet

A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries.

jok3r

2026-03-30 HTML ★ 1077

AI Summary: Jok3r is a Python CLI application designed to assist penetration testers in executing automated network infrastructure and web security assessments. With over 50 integrated open-source tools, it streamlines vulnerability identification through context-aware checks, CVE lookups, and brute force attacks, all packaged within a Docker image for ease of use and customization. Notable features include automatic service fingerprinting, a comprehensive library of security checks for various network services, and automated post-authentication testing.

jsql-injection

2026-03-30 Java ★ 1754

AI Summary: jSQL Injection is a lightweight, open-source tool designed for identifying database information from servers, optimized for penetration testing. It is cross-platform, supporting Windows, Linux, and Mac with Java compatibility from versions 21 to 25, and is integrated into various security-focused distributions such as Kali Linux. Notable features include a user-friendly interface, support for multiple database engines, and comprehensive testing functionalities, making it suitable for both novice and experienced security analysts.

juice-shop

2026-03-30 TypeScript ★ 12783

AI Summary: OWASP Juice Shop is a deliberately insecure web application designed for educational purposes such as security training, demonstrations, and Capture The Flag (CTF) events. It contains a wide range of vulnerabilities that align with the OWASP Top Ten, making it an effective tool for testing security tools and techniques. Notable features include its modern architecture, comprehensive vulnerability exposure, and support for various installation methods, including Docker and Vagrant.

JustTryHarder

2026-03-30 Python ★ 827

AI Summary: JustTryHarder is a comprehensive cheat sheet designed to assist users in navigating the Penetration Testing with Kali Linux (PWK) course and preparing for the Offensive Security Certified Professional (OSCP) exam. It consolidates various penetration testing techniques, such as OS detection, privilege escalation, and exploitation methods, while providing clear examples and references. Notable features include a wide array of topics that cover essential hacking methodologies and tools, making it a valuable resource for both beginners and experienced practitioners in the cybersecurity field.

K8tools

2026-03-30 PowerShell ★ 6159

AI Summary: K8tools is a collection of security research and penetration testing tools designed for use in various environments, including remote command execution and web shells. Notably, these tools are modified to enhance compatibility and stability, catering to security professionals who require reliable functionalities. The repository serves as a hub for downloading tools, accessing documentation, and submitting feedback for continuous improvement.


README

K8tools


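Disclaimer: The tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use.
Download: https://github.com/k8gege/K8tools
Documentation: http://k8gege.org/p/72f1fea6.html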

KawaiiGPT

2026-03-30 Python ★ 824

AI Summary: KawaiiGPT is an open-source command-line tool that provides seamless access to various large language models, including DeepSeek, Gemini, and Kimi-K2, through a reverse-engineered Pollinations API without the need for API keys. It features integrated prompt injection capabilities for security research, allowing for uncensored model access and red-team evaluations, along with native support for Linux and Termux, and a user-friendly console interface. Notably, it offers easy configuration options and a streamlined installation process via a single command.

kb

2026-03-30 Python ★ 3369

AI Summary: kb is a minimalist knowledge base manager designed for efficient organization and retrieval of information artifacts. It supports functionalities such as adding, viewing, editing, and deleting artifacts, alongside advanced searching options including grep capabilities and template management for better categorization. Notably, it allows for easy import/export of knowledge bases and integrates seamlessly with multiple installation methods, enhancing its usability for various platforms.


README

kb. A minimalist knowledge base manager


Keylogger

2026-03-30 C++ ★ 2367

AI Summary: Keylogger is a lightweight multi-platform tool designed to record keystrokes on Windows, Linux, and Mac OS, saving them to a local log file. Its primary use case includes personal monitoring for computer security and self-analysis, with notable features such as the ability to run in both visible and invisible modes on Windows, and a straightforward installation process across all supported operating systems.


README

A simple keylogger for Windows, Linux and Mac

MIT Licence

killshot

2026-03-30 Ruby ★ 757

AI Summary: KillShot is a comprehensive penetration testing framework designed for information gathering and website vulnerability scanning. Its primary use case involves automating data collection through integrated tools such as WhatWeb and Nmap, while offering features like a CMS Exploit Scanner and web application vulnerability assessments, including XSS and SQL injection detection. The framework also facilitates backdoor generation and includes a fuzzer, making it a versatile tool for security professionals.

kubernetes-goat

2026-03-30 HTML ★ 5458

AI Summary: Kubernetes Goat is an intentionally vulnerable Kubernetes cluster environment designed for the purpose of learning and practicing Kubernetes security. It provides various scenarios for security testing, including exploitation of sensitive keys, SSRF vulnerabilities, and container escapes, thereby enabling users to gain hands-on experience with real-world security challenges in Kubernetes. The tool requires administrative access to a Kubernetes cluster and facilitates setup using kubectl and helm, offering a structured learning path for security professionals.

lamda

2026-03-30 Python ★ 7698

AI Summary: FIRERPA is an advanced Android automation framework designed for on-device operations, providing a comprehensive suite of over 160 APIs for device management, UI automation, and diagnostics. Its primary use case is to enable lightweight, efficient automation for both physical and virtual Android devices, integrating AI-driven capabilities with robust remote desktop services. Notable features include built-in ADB/SSH/SCP support, extensive logging, encrypted scripting, and seamless deployment across a range of Android versions without complex configuration requirements.

leaky-paths

2026-03-30 ★ 1029

AI Summary: Leaky Paths is a curated repository of high-quality wordlists designed for web content discovery, targeting misconfigurations and sensitive API endpoints in major web frameworks and infrastructure projects. It serves as a rapid assessment tool for pentesters, security engineers, and bug bounty hunters, emphasizing modern tech stack paths that yield valuable insights while intentionally maintaining a concise list for optimal efficiency. Notable features include paths associated with known vulnerabilities and endpoints that typically expose sensitive data, facilitating quick identification of potential security issues.

Learn-Web-Hacking

2026-03-30 Python ★ 5187

AI Summary: Learn-Web-Hacking is a comprehensive guide designed for individuals interested in web security, systematically organizing essential concepts and knowledge related to web application vulnerabilities, network protocols, and penetration testing. It provides a historical perspective on the evolution of web security, foundational networking concepts, and a detailed exploration of common web vulnerabilities and defensive strategies. Additionally, it includes tool recommendations and resources, making it a valuable resource for both beginners and practitioners in the cybersecurity field.

learn365

2026-03-30 ★ 1695

AI Summary: Learn365 is a personal initiative designed to promote continuous learning, focusing on various cybersecurity topics and methodologies over a year-long challenge. The repository includes extensive documentation covering diverse subjects such as vulnerability exploitation, secure coding practices, and penetration testing checklists. Notable features include daily learning topics with associated resources and mind maps, making it a comprehensive tool for knowledge enhancement in the infosec domain.


README

Learn365

This repository contains all the information shared during my Learn 365 Challenge. Learn 365 is a challenge to keep the learning spirit going and to challenge myself to learn something daily for the whole year; it can be anything from infosec to general life. Follow me on Twitter for regular updates: Harsh Bothra. Huge thanks to Mehedi Hasan Remon, who originally created and maintained this repository.

ligolo-ng

2026-03-30 Go ★ 4397

AI Summary: Ligolo-ng is an advanced tunneling tool that establishes connections through a TUN interface, enabling penetration testers to create reverse TCP/TLS tunnels without the need for SOCKS proxies. Notable features include a user-friendly web interface, automatic configuration for certificates, support for multiple platforms, and resilience to network issues with automatic tunnel recovery. Its design facilitates streamlined network management and the ability to run tools directly over these tunnels.


README

Ligolo-ng : Tunneling like a VPN


linkedin2username

2026-03-30 Python ★ 1652

AI Summary: linkedin2username is an OSINT tool designed to generate potential username formats for employees of a specified company using LinkedIn’s web interface, requiring user authentication without an API key. Key features include customizable output formats for usernames, the ability to append domain names, and options for depth of search and filtering by keywords. The tool leverages web scraping techniques and is sensitive to LinkedIn’s rate limits, making it suitable for security research purposes.

linkook

2026-03-30 Python ★ 924

AI Summary: Linkook is an OSINT tool designed for discovering linked social media accounts and associated emails based on a single username across multiple platforms. Its notable features include the ability to check for email breaches using HudsonRock’s Cybercrime Intelligence Database, and exporting scan results in a Neo4j-compatible format for visual analysis. The tool supports various command-line options for summarizing output, detailed scans, and configuring data handling.


README

Linkook


linux-kernel-exploits

2026-03-30 C ★ 5588

AI Summary: The linux-kernel-exploits repository provides a catalog of various known vulnerabilities within the Linux kernel, detailing specific CVEs along with their descriptions and affected kernel versions. Its primary use case is to aid security researchers and penetration testers in identifying and exploiting kernel vulnerabilities for testing and mitigation purposes. Notable features include a comprehensive list of CVEs organized by year, along with linked folders containing additional exploit details.


README

linux-kernel-exploits

Introduction


linux-smart-enumeration

2026-03-30 Shell ★ 3875

AI Summary: Linux Smart Enumeration (LSE) is a shell script designed for penetration testing and Capture The Flag (CTF) challenges, aimed at gathering security-relevant information to assist in privilege escalation on Linux systems. Notable features include customizable verbosity levels, targeted section execution, process monitoring, and the ability to serve the script over the network for remote retrieval. The tool is intended to expose vulnerabilities gradually, prioritizing information based on its significance for privilege escalation.

linuxprivchecker

2026-03-30 Python ★ 1786

AI Summary: Linuxprivchecker is a Python script designed for local execution on Linux systems, aimed at enumerating system information and identifying common privilege escalation vectors, such as world writable files and misconfigurations. Its primary use case is to assist users in learning about potential privilege escalation opportunities within Linux environments without performing direct exploits. Noteworthy features include support for both Python 2 and 3, command options for customizing searches and log outputs, and an emphasis on educational utility for those preparing for penetration testing certifications like OSCP and HTB.

linWinPwn

2026-03-30 Shell ★ 2160

AI Summary: linWinPwn is a comprehensive bash script designed for Active Directory penetration testing on Linux, integrating various tools for enumeration, vulnerability checks, modifications, and password dumping. It features both an interactive mode for manual checks and an automated mode for streamlined enumeration, allowing users to perform a wide array of security assessments including LDAP, Kerberos, and MSSQL interactions. Notably, it supports a range of authentication methods and can execute critical checks for known vulnerabilities such as NoPac and ZeroLogon, making it an essential tool for security professionals.

Lockdoor-Framework

2026-03-30 Python ★ 1534

AI Summary: Lockdoor is a pentesting framework that aggregates a variety of tools for tasks such as information gathering, web hacking, privilege escalation, and reverse engineering. Its notable features include a collection of pre-configured tools categorized by function, support for multiple operating systems, and the ability to generate security assessment reports. However, it is important to note that the project is no longer actively maintained.


README

Lockdoor v2.3
⚠️ This project is not maintained anymore. ⚠️

Find more at https://g.co/kgs/TtYRJJP


Changelog 📌 :

Version v2.3 IS OUT !!

    - Fixing some CI
    - making a more stable version
    - new docker image build
    - adding packages for each supported distro


lonkero

2026-03-30 Rust ★ 773

AI Summary: Lonkero is a professional-grade web security scanner engineered for advanced penetration testing, boasting over 125 sophisticated scanning modules written in Rust. Its notable features include an intelligent mode for context-aware scanning, machine learning capabilities to minimize false positives to 5%, and unique proof-based XSS detection that eliminates reliance on browsers, significantly increasing scan speed and accuracy. By leveraging a robust architecture that focuses on real vulnerabilities, Lonkero delivers efficient and precise security assessments for modern web technologies.

maigret

2026-03-30 Python ★ 19304

AI Summary: Maigret is a user-centric OSINT tool designed to gather comprehensive profiles based on usernames by scanning over 3000 websites, including Tor and I2P networks. Key features include profile data extraction, recursive search capabilities, and automated handling of censorship and captcha challenges, all without requiring API keys. This tool serves as an effective resource for analysts in social media investigations and identity verification.


README

Maigret


malicious-pdf

2026-03-30 Python ★ 3637

AI Summary: Malicious PDF is a tool designed to generate various malicious PDF files featuring phone-home capabilities for use in penetration testing and red-teaming. It supports integration with platforms like Burp Collaborator and Interact.sh, providing a diverse set of attack vectors through ten different crafted PDF examples meant for testing web applications, security products, and PDF readers. Key features include the ability to create PDFs exploiting vulnerabilities like external file access, JavaScript injection, and form data exfiltration.

mantis

2026-03-30 Python ★ 1020

AI Summary: Mantis is a command-line framework that automates the processes of asset discovery, reconnaissance, and scanning for vulnerabilities. It efficiently identifies subdomains, certificates, and active assets, culminating in comprehensive scans for misconfigurations and secrets using a combination of open-source and custom tools. Notable features include distributed scanning capabilities, customizable scans, a dashboard for vulnerability management, and integration with various DNS services.



Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

2026-03-30 ★ 1788

AI Summary: The Massive Web Application Penetration Testing Bug Bounty Notes repository provides a comprehensive guide tailored for both novice and advanced penetration testers, emphasizing methodologies for web application security assessments. It covers essential topics such as setting up testing environments, identifying and exploiting the OWASP Top 10 vulnerabilities, and practical resources like video tutorials for enhanced learning. Notable features include a structured approach to various testing phases, from foundational concepts to specific attack vectors related to session management, authentication, and business logic vulnerabilities.

metabigor

2026-03-30 Go ★ 1498

AI Summary: Metabigor is an open-source intelligence (OSINT) tool designed for various information-gathering tasks without the need for API keys. It features capabilities such as network discovery, subdomain enumeration through certificate transparency logs, IP enrichment with Shodan InternetDB, and the ability to detect CDNs or WAFs, making it versatile for cybersecurity research and analysis. Notably, it allows users to automate input processing and batch queries for efficient data collection and analysis.

MobileApp-Pentest-Cheatsheet

2026-03-30 ★ 5178

AI Summary: The Mobile Application Penetration Testing Cheat Sheet serves as a comprehensive resource for security professionals, offering a concise compilation of essential information and checklists for mobile app penetration testing, aligned with the OWASP Mobile Risk Top 10. It encompasses detailed methodologies for both Android and iOS applications, covering aspects such as static and dynamic analysis, network security testing, and techniques for bypassing common security measures. Notable features include a section on mobile security testing distributions and frameworks, providing users with tailored tools and environments to facilitate effective security assessments.

Modlishka

2026-03-30 Go ★ 5293

AI Summary: Modlishka is an open-source penetration testing tool that operates as a man-in-the-middle proxy, allowing seamless proxying of multi-domain HTTP and HTTPS traffic without requiring client certificate installation. Its primary use case is in security testing, particularly for ethical phishing assessments and 2FA bypass demonstrations, providing features such as pattern-based JavaScript payload injection, user credential harvesting, and extensive support for various 2FA schemes. Additionally, Modlishka’s modular and stateless design enhances scalability, while its cross-platform compatibility ensures usability across major operating systems.

mongoaudit

2026-03-30 Python ★ 1331

AI Summary: mongoaudit is a command-line interface tool designed for auditing MongoDB servers to identify security misconfigurations and vulnerabilities. Its primary use case is to enhance security by detecting poor configuration settings and providing actionable advice to rectify them, thus helping administrators implement best practices. Notable features include automated penetration testing capabilities and comprehensive reporting with guidance on securing MongoDB installations.


README

mongoaudit

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing.

monkey

2026-03-30 Python ★ 6980

AI Summary: Infection Monkey is an open-source adversary emulation platform designed to enhance security postures by simulating malware behavior within a network. It employs a dual-component architecture comprising an Agent, which mimics a network worm’s propagation techniques, and a centralized command and control server, Monkey Island, for monitoring and visualization. Notable features include various exploitation methods like Log4Shell and RDP, along with adaptive strategies to assess and improve security defenses against real threats.

mosint

2026-03-30 Go ★ 5774

AI Summary: Mosint is an automated Open Source Intelligence (OSINT) tool designed for efficient email investigations and scanning. It consolidates various services to validate emails, check for social media accounts, investigate data breaches, and extract associated information rapidly, all while being lightweight and user-friendly. Notable features include email verification, data breach checks, Pastebin scans, DNS/IP lookups, and the ability to output results in JSON format.


README

mosint

msdat

2026-03-30 Python ★ 992

AI Summary: MSDAT (Microsoft SQL Database Attacking Tool) is an open-source penetration testing utility designed for assessing the security of Microsoft SQL databases remotely. Its primary use case includes discovering valid credentials, privilege escalation, and executing operating system commands through various SQL features. Notable features of MSDAT include the ability to perform dictionary attacks, capture SMB authentication, execute SQL requests, and manipulate files on the server, while supporting multiple Microsoft SQL Server versions.

n0kovo_subdomains

2026-03-30 ★ 773

AI Summary: n0kovo_subdomains is a comprehensive subdomain enumeration wordlist containing 3,000,000 entries sourced from SSL certificate data across the entire IPv4 space. This tool is designed to enhance the efficacy of subdomain discovery activities for penetration testing and security assessments, utilizing a robust dataset that offers a balanced trade-off between size and search effectiveness. Users can leverage this highly efficient wordlist to improve the success rate of finding subdomains in various target domains.

netcat

2026-03-30 C ★ 886

AI Summary: Netcat for Windows is a TCP/IP utility designed for network diagnostics and exploration, functioning as a versatile “Swiss Army knife” for admins on the Windows platform. It supports both inbound and outbound connections over TCP or UDP, features built-in port scanning, DNS checks, and allows for custom local network configurations. Notably, this version excludes the potentially insecure -e switch to mitigate false positives from antivirus software, while also resolving issues encountered during telnet sessions.

NetExec

2026-03-30 Python ★ 5376

AI Summary: NetExec is a community-driven network exploitation tool derived from the predecessor CrackMapExec, designed to facilitate network enumeration and execution of various tasks across multiple hosts. It boasts functionalities for maintaining and expanding the original tool’s capabilities, alongside regular updates and community contributions. Notable features include an emphasis on user collaboration, a dedicated Discord channel for support, and extensive documentation in development.


README

🚩 This is the open source repository of NetExec maintained by a community of passionate people

netlas-cookbook

2026-03-30 Python ★ 849

AI Summary: The Netlas Cookbook serves as a comprehensive guide for utilizing Netlas Search Tools, aimed at audiences with varying levels of cybersecurity knowledge. It provides practical examples and automation techniques for searching and analyzing IP addresses and domain data on the Internet, while also detailing the use of the Netlas API for advanced queries and OSINT tasks. Key features include search query syntax explanation, logical operators, and integration with Python, enhancing user capabilities in attack surface management and information retrieval.

Nettacker

2026-03-30 Python ★ 4989

AI Summary: OWASP Nettacker is an automated penetration testing and information-gathering framework designed for cybersecurity professionals to conduct reconnaissance, vulnerability assessments, and network security audits. Key features include a modular architecture for customizable task execution, support for multi-protocol and multithreaded scanning, comprehensive output formats, and a user-friendly interface for managing scans, all of which enhance its efficacy in identifying weaknesses across diverse systems and applications.


README

OWASP Nettacker

NeuroSploit

2026-03-30 Python ★ 984

AI Summary: NeuroSploit v3 is an AI-powered penetration testing platform designed for autonomous security assessments, offering support for 100 vulnerability types within isolated Kali Linux containers. Key features include an autonomous agent for parallel testing, an exploit chain engine, anti-hallucination controls, real-time monitoring via a modern web interface, and multi-provider LLM integration for adaptive scanning strategies. The tool provides efficient scanning capabilities and detailed reporting, making it suitable for comprehensive security evaluations.

nishang

2026-03-30 PowerShell ★ 9818

AI Summary: Nishang is a comprehensive PowerShell framework designed for offensive security, penetration testing, and red teaming, featuring a collection of scripts and payloads that assist in various stages of penetration testing. It allows users to execute scripts in memory to bypass antivirus detection and includes notable functionalities such as encoding commands, webshell capabilities, and Active Directory manipulation tools. The framework is structured for ease of use with PowerShell, offering detailed help for individual scripts and versatile execution methods.

nmap

2026-03-30 Go ★ 1039

AI Summary: The Ullaakut/nmap library offers Go developers a comprehensive interface to leverage the features of the Nmap network scanner within their applications, facilitating the creation of security audit tools. By utilizing the Go language’s capabilities, the library allows for robust network scans, service detection, and easy parsing of XML outputs produced by the Nmap binary. Notable features include support for various scan types and the ability to manage scan timeouts, enhancing both flexibility and performance in penetration testing scenarios.

nmap-formatter

2026-03-30 Go ★ 726

AI Summary: NMAP-Formatter is a versatile tool designed to convert NMAP XML output into various formats such as HTML, CSV, JSON, Excel, and more, facilitating the analysis and reporting of network scan results. Notable features include support for output via stdin, the ability to generate diagrams using Graphviz, and options to skip down hosts, enhancing usability for security professionals and network administrators. This tool can also be utilized as a library in Golang for integration into other applications.

nodepass

2026-03-30 Go ★ 2091

AI Summary: NodePass is an open-source network tunneling solution that provides enterprise-grade TCP/UDP tunneling with minimal configuration and high performance, designed for managing complex network scenarios. Key features include seamless protocol conversion, a connection pooling architecture for reduced latency, multi-level TLS security mechanisms, and real-time monitoring capabilities. The tool targets DevOps professionals and system administrators, facilitating effortless deployment and control in diverse networking conditions.


README

noir

2026-03-30 Crystal ★ 1158

AI Summary: OWASP Noir is a security tool designed to analyze source code and generate comprehensive inventories of application endpoints, including the detection of shadow APIs and hidden routes that traditional methods might overlook. It serves as a bridge between Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), enabling white-box security teams and penetration testers to identify the complete attack surface of an application. Notable features include AI-powered analysis across various programming languages, integration capabilities with popular DAST tools, and the ability to output results in multiple formats for seamless workflow integration.

nomore403

2026-03-30 Go ★ 1567

AI Summary: NoMore403 is a specialized tool for cybersecurity professionals aimed at bypassing HTTP 40X errors during web security assessments. It employs multiple techniques such as header manipulation, method tampering, and custom path testing to automate the bypass process, featuring smart output filtering to highlight significant results and high concurrency for efficient testing. Notable capabilities include auto-calibration, deduplication of results, color-coded output, and customizable payloads for enhanced flexibility.


README

NoMore403

Nope-Proxy

2026-03-30 Java ★ 1656

AI Summary: NoPE Proxy is a Burp Suite extension that facilitates the interception and analysis of TCP and UDP traffic, including non-HTTP protocols. Its notable features include a configurable DNS server that routes traffic to Burp, support for multiple listening ports for man-in-the-middle (MiTM) connections, and the ability to define match and replace rules for traffic manipulation. This tool is especially useful for security testing of mobile applications and thick clients, allowing seamless traffic analysis and modification.

noseyparker

2026-03-30 Rust ★ 2314

AI Summary: Nosey Parker is a command-line interface (CLI) tool designed for scanning textual data to identify secrets and sensitive information, essentially functioning as a specialized grep for secret detection. Targeted primarily at offensive security operations, it offers features such as flexible scanning of various data sources, usage of 188 precision-focused regex rules, deduplication of matches to streamline review processes, and high-speed scanning capabilities, making it suitable for large-scale security engagements. Note that Nosey Parker has been officially retired and replaced by the tool Titus.

NoSQLMap

2026-03-30 Python ★ 3253

AI Summary: NoSQLMap is a Python tool designed for auditing and automating injection attacks on NoSQL databases, primarily targeting MongoDB and CouchDB, while also preparing for support of others like Redis and Cassandra. It helps identify and exploit default configuration vulnerabilities to disclose or replicate database data through a user-friendly menu-based interface. Key features include options for NoSQL DB access attacks, web application attacks, and scanning for anonymous MongoDB access.

nuclei-wordfence-cve

2026-03-30 Python ★ 1220

AI Summary: The Nuclei + Wordfence CVE project provides a comprehensive set of 71,889 Nuclei templates specifically designed for assessing security vulnerabilities in WordPress, including core, plugins, and themes. Notably, the templates are regularly updated to reflect the latest threats identified by Wordfence, offering users a robust tool for proactive site protection and vulnerability identification. This open-source solution allows for customization, giving users the flexibility to adapt templates to meet specific security needs.

o365recon

2026-03-30 PowerShell ★ 732

AI Summary: o365recon is a PowerShell script designed for retrieving information from Office 365 and Azure AD using valid credentials. Its primary use case is to facilitate information gathering for security assessments, with a notable feature allowing optional Azure querying through a simple command-line interface. The tool requires the installation of MSOnline and AzureAD modules and includes support for multi-factor authentication.


README

o365recon

script to retrieve information via O365 and AzureAD with a valid cred

o365spray

2026-03-30 Python ★ 987

AI Summary: o365spray is a specialized tool for username enumeration and password spraying targeting Microsoft Office 365 (O365) environments. It allows users to validate domains, enumerate usernames, and conduct password spraying attacks, featuring configurable options for lockout policies and enumeration modules. The tool emphasizes caution by automatically managing lockout timers during operations to mitigate potential account lockouts.


README

o365spray

o365spray is a username enumeration and password spraying tool aimed at Microsoft Office 365 (O365). This tool reimplements a collection of enumeration and spray techniques researched and identified by those mentioned in Acknowledgments.

Octopus

2026-03-30 Python ★ 765

AI Summary: Octopus is an open-source, pre-operation command-and-control (C2) server developed in Python, designed for red team operations to facilitate initial attacks and information gathering before launching full engagements. It features secure communications through AES-256 encryption, remote command execution, file transfers, and a unique Endpoint Situational Awareness (ESA) capability that allows users to assess target environments effectively. The tool supports multiple Windows versions and enables stealthy operations, making it less detectable by conventional security measures.

odat

2026-03-30 Python ★ 1747

AI Summary: ODAT (Oracle Database Attacking Tool) is an open-source penetration testing tool designed to assess the security of Oracle databases remotely. Key features include the capability to identify valid SIDs and credentials, escalate privileges to DBA or SYSDBA, and execute system commands like reverse shells. It supports various Oracle Database versions and offers extensive options for connectivity checks and detailed database information extraction.


README

Quentin HARDY
quentin.hardy@protonmail.com
quentin.hardy@bt.com

ODAT

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.

offensive-docker

2026-03-30 Dockerfile ★ 767

AI Summary: Offensive Docker is a Docker image designed to facilitate the rapid setup of a penetration testing environment by bundling a comprehensive suite of commonly used security tools. Its primary use case is to streamline the pentesting process, featuring tools for port scanning, reconnaissance, web application testing, and brute-forcing, among others. Notably, it allows users to quickly deploy a fully equipped pentesting environment in various cloud platforms, enhancing efficiency in security assessments.

Offensive-OSINT-Tools

2026-03-30 ★ 1145

AI Summary: Offensive-OSINT-Tools is a curated collection of essential tools tailored for Offensive Security specialists engaged in penetration testing and red teaming. It streamlines the OSINT process by categorizing tools for various purposes, including domain investigation, email address collection, and information gathering. Notable features include the ability to efficiently search for subdomains and URLs, along with a focus on usability by providing only the most relevant tools, rather than an overwhelming list.

OffSec-Reporting

2026-03-30 ★ 908

AI Summary: OffSec Reporting is a customizable platform designed for security professionals to efficiently create penetration test reports tailored for Offensive Security certifications. Built on SysReptor, it enables users to write reports in Markdown, render them as PDFs, and supports various OffSec certifications including OSCP, OSEP, and OSWP. Notable features include free accessibility, rapid report generation, and a focus on facilitating the testing process without the burden of formatting.


README

OffSec Reporting using SysReptor

SysReptor

onedrive_user_enum

2026-03-30 Python ★ 747

AI Summary: onedrive_user_enum is a tool designed for enumerating valid OneDrive users by leveraging the HTTP response codes from file share URLs. Its primary use case is passive user enumeration, which avoids direct login attempts, making it less detectable by the target organization. Notable features include options for remote logging to MySQL, local SQLite database support, user list truncation, and mechanisms for de-duplication and user list management.


README

onedrive_user_enum v2.10

enumerate valid onedrive users

OneListForAll

2026-03-30 Go ★ 3103

AI Summary: OneListForAll is a web fuzzing tool that generates a variety of curated wordlists for penetration testing, focusing on efficiency and organization. Its notable features include automated synchronization of multiple source repositories, categorization of wordlists into short and long versions, deduplication, and a streamlined CLI for pipeline management. The tool consolidates wordlists into manageable files, supporting broad use cases from local fuzzing to advanced vulnerability assessments.


README

OneListForAll

Wordlists for web fuzzing: curated micro, categorized short/long, and combined final lists.

Open-Source-Security-Guide

2026-03-30 Go ★ 1059

AI Summary: The Open Source Security Guide serves as a comprehensive resource for enhancing the security of systems and networks by providing tutorials, standards, and tools relevant to open-source security practices. It includes sections on security certifications, threat models, and various security frameworks, along with a curated list of tools and resources to improve security operations. Notably, it aims to foster a collaborative environment for sharing best practices and advancing security through community initiatives.

OSCP

2026-03-30 PowerShell ★ 3674

AI Summary: The OSCP Cheat Sheet repository provides a comprehensive collection of essential commands and techniques specifically tailored for the Offensive Security Certified Professional (OSCP) exam. It includes updates on advanced exploitation methods such as Active Directory Certificate Services abuse and Shadow Credentials attacks, alongside practical resources for information gathering, vulnerability analysis, and exploitation strategies. The tool aims to assist users in navigating the exam requirements while emphasizing the importance of adhering to current exam guidelines.

OSCP-Human-Guide

2026-03-30 ★ 849

AI Summary: The OSCP-Human-Guide is a personal guide tailored for preparing for the Offensive Security Certified Professional (OSCP) exam, featuring a collection of resources, strategies, and mock exam frameworks. Its primary use case is to assist aspiring penetration testers in navigating lab environments and exam simulations effectively. Notable features include detailed walkthroughs of lab machines, advice on exam preparation, and a CherryTree template for organization of findings.


README

OSCP-Human-Guide

Edit: I’m currently moving all the OSCP stuff and other things to my “pentest-book”. This repository will not have more updates. Sorry for the inconvenience.

OSCP-Tricks

2026-03-30 ★ 1079

AI Summary: OSCP Tricks is a comprehensive resource designed to assist penetration testers preparing for the Offensive Security Certified Professional (OSCP) exam. It encompasses various techniques across critical areas such as information gathering, web application attacks, privilege escalation on both Linux and Windows systems, and more, supplemented with external links to useful tutorials and methodologies. Notable features include categorized attack vectors, detailed enumeration guides, and checklists to streamline the penetration testing process.

Osintgram

2026-03-30 Python ★ 12541

AI Summary: Osintgram is a Python-based OSINT tool designed for reconnaissance on Instagram, enabling users to collect and analyze public data from Instagram accounts by username. Key features include retrieving followers, followed accounts, post information, comments, captions, and downloading media such as photos and stories. The tool operates through an interactive shell, providing a comprehensive suite of commands for in-depth investigation while emphasizing the importance of ethical usage.


README

Osintgram 🔎📸

version-1.3 GPLv3 Python3 Telegram Docker

osmedeus

2026-03-30 Go ★ 6163

AI Summary: Osmedeus is a security-focused orchestration engine designed for automating complex workflows through declarative YAML definitions, enhancing the auditability and management of security tasks. It features distributed execution, a rich library of over 80 utility functions, and supports cloud infrastructure provisioning for robust penetration testing and scanning. Key functionalities include event-driven scheduling, agentic LLM integration for tool orchestration, and a REST API for seamless integration and visualization through a web interface.

p0wny-shell

2026-03-30 PHP ★ 2744

AI Summary: p0wny@shell is a minimalistic, single-file PHP shell designed for executing commands on servers during penetration testing of PHP applications. Its primary use case involves remote command execution, featuring capabilities such as command history navigation, file name auto-completion, file upload and download, and remote file system navigation. Notably, it poses security risks if misused, and users are cautioned against deploying it on servers without adequate understanding.


README

p0wny@shell:~# – Single-file PHP Shell

Passhunt

2026-03-30 Python ★ 1295

AI Summary: Passhunt is a tool designed to search for default credentials across network devices and web applications from a database of 523 vendors and 2084 default passwords. It facilitates quick access to these credentials through a simple command-line interface, allowing users to select vendors and retrieve associated default passwords efficiently. Notable features include the comprehensive vendor database and the ease of installation and usage with Python.


README

Passhunt

Passhunt is a simple tool for searching for default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

passphrase-wordlist

2026-03-30 Python ★ 1413

AI Summary: The passphrase-wordlist project provides an extensive list of over 20 million phrases paired with two hashcat rule files tailored for GPU-based password cracking. Its primary use case is to enhance the effectiveness of hashcat’s cracking capabilities by generating numerous permutations of passphrases to exploit vulnerabilities in systems that utilize weak or common passwords. Notable features include a robust wordlist sourced from various databases and dynamic updates, along with customizable rule files that manipulate passphrase formatting for improved cracking success.

Penetration_Testing_POC

2026-03-30 HTML ★ 7290

AI Summary: Penetration_Testing_POC is a comprehensive collection of proof of concepts (POCs), scripts, tools, and articles related to penetration testing, intended to serve as a reference resource. It systematically categorizes vulnerabilities across various domains such as IoT, mobile devices, web applications, and privilege escalation methods, providing users with essential insights and practical exploitation techniques. Notable features include organized documentation and links to external resources, ensuring that users can easily navigate and leverage the provided information for security assessments.

penetration-testing-cheat-sheet

2026-03-30 PHP ★ 802

AI Summary: The Penetration Testing Cheat Sheet is a comprehensive checklist designed to assist cybersecurity professionals in performing penetration testing tasks. It aggregates various tools and techniques for phases such as reconnaissance, scanning, and vulnerability exploitation, while emphasizing the importance of complementarity among tools for better results. Noteworthy features include automation of certain tasks and links to crucial resources for penetration testing methodologies.


README

Penetration Testing Cheat Sheet

This is more of a checklist for myself. May contain useful tips and tricks.

Penetration-Testing-Tools

2026-03-30 PowerShell ★ 2920

AI Summary: The Penetration Testing Tools repository is a comprehensive collection of over 160 scripts, utilities, and cheatsheets designed for Penetration Testing and IT security audits. It encompasses a wide range of categories including cloud assessments, network protocols, web security, and red teaming, enabling practitioners to increase efficiency and improve technical assurance in their engagements. Notable features include modular organization by function, a focus on real-world applicability, and the absence of sensitive client-specific information.

pentagi

2026-03-30 Go ★ 13883

AI Summary: PentAGI is an AI-powered penetration testing framework that automates security assessments for information security professionals and researchers. Notable features include a fully autonomous AI agent capable of executing penetration test steps, integration with over 20 professional tools, a smart memory system for storing results, and comprehensive monitoring and reporting capabilities. The tool operates within a secure Docker environment and includes a modern web interface along with APIs for automation and integration, making it a flexible solution for advanced cybersecurity testing.

pentest

2026-03-30 Python ★ 1607

AI Summary: The “pentest” tool is designed for network reconnaissance and vulnerability assessment, facilitating tasks such as ping sweeping and port scanning across specified IP ranges. It offers automation scripts for performing comprehensive scans and generating organized results, making it an essential utility for penetration testers and security professionals. Key features include various scanning scripts that leverage target lists for efficient and systematic reconnaissance operations.


README

So, You Want to be a Rock Star?

Follow instructions, it's very easy!

$ git clone https://github.com/jivoi/pentest.git ./offsecfw && cd offsecfw
$ mix_ping_sweep.py 192.168.56.1-254 ./results
$ mix_port_scan.sh -t ./results/targets.txt -p all
$ mix_recon.py ./results/targets.txt

pentest-book

2026-03-30 ★ 1995

AI Summary: The Pentest Book is a comprehensive resource for penetration testers, offering a collection of information, scripts, and methodologies gathered during various pentests. It serves as a practical guide for conducting recon, exploring vulnerabilities in web and cloud services, and utilizing tools like Burp Suite, complemented by cheat sheets and checklists. Key features include easy navigation, a searchable interface, and continuous updates to ensure relevance and accuracy in the fast-evolving cybersecurity landscape.

pentest-tools

2026-03-30 Python ★ 3285

AI Summary: pentest-tools is a collection of customizable security scripts designed for quick penetration testing needs, facilitating various tasks in security assessments. Notable features include domain enumeration, CORS vulnerability testing, subdomain extraction, and DNS requests handling, all provided in multiple programming languages such as Bash, Python, and PHP for versatile usability. This toolkit streamlines common pentesting workflows with efficient tools aimed at both novice and experienced security professionals.


README

pentest-tools

A collection of custom security tools for quick needs.

Pentest-Windows

2026-03-30 ★ 3444

AI Summary: Pentest-Windows11 v3.2 is a Windows penetration testing environment tailored for deployment on Mac M series chips and other platforms, integrating over 400 commonly used security tools and scripts. Notable features include support for multiple virtualization formats (VMware, Parallels Desktop, Hyper-V), optimized tool management, and a user-friendly interface, enabling efficient vulnerability assessment and penetration testing workflows. The environment is designed to be ready-to-use, allowing security professionals to conduct testing with minimal setup.

pentestagent

2026-03-30 Python ★ 1821

AI Summary: PentestAgent is an AI-driven penetration testing tool designed to assist cybersecurity professionals in conducting thorough security assessments. It features multiple operational modes, including single-task assistance, autonomous task execution, and multi-agent orchestration, allowing users to adapt their approach based on project complexity. The tool supports integration with platforms like OpenAI and Anthropic, and can be run in Docker for enhanced isolation and access to a suite of pre-installed pentesting tools.

PentestTools

2026-03-30 ★ 1641

AI Summary: Pentest Tools is a comprehensive catalog of penetration testing resources, referencing tools primarily from Kali Linux, and featuring both open-source and readily accessible software. It includes a wide array of categories such as information gathering, vulnerability analysis, and exploitation tools, aimed at facilitating various aspects of security assessments. Notable features include a curated list of essential tools, categorized functionalities, and a long-term commitment to updates and supplementary resources.

phishing-frenzy

2026-03-30 PHP ★ 886

AI Summary: Phishing Frenzy is a Ruby on Rails-based framework designed for creating and managing phishing campaigns. Its primary use case is to facilitate penetration testing by simulating phishing attacks, allowing security professionals to assess and improve their organization’s defenses against such threats. Notable features include user-friendly documentation and tools for managing phishing emails and tracking user interactions.


README

Phishing Frenzy

Ruby on Rails Phishing Framework

PhishingFrenzy

Documentation & Info

Relevant up-to-date documentation can be found on the official Phishing Frenzy website located below.

PhoneSploit-Pro

2026-03-30 Python ★ 5684

AI Summary: PhoneSploit Pro is an advanced Python-based tool designed for penetration testing and exploiting Android devices remotely through the Android Debug Bridge (ADB) and Metasploit Framework integration. It automates the process of creating, installing, and launching payloads to gain a Meterpreter session in a single click, along with extensive ADB functionalities for managing connected devices, such as file transfers, device control, and data extraction. Notable features include remote screen recording, SMS management, and capabilities for controlling device operations, making it a comprehensive toolkit for security assessments on Android platforms.

Platypus

2026-03-30 Go ★ 1637

AI Summary: Platypus is a modern terminal-based tool for managing multiple reverse shell sessions and clients, implemented in Go. Its primary use case is to facilitate secure and efficient reverse shell connections across various protocols, featuring functionalities such as multiple service listening ports, a RESTful API for management, file download/upload capabilities, and an interactive shell interface that supports common control commands. Notable features include automatic server initiation, port forwarding, and a web UI for enhanced usability.

POC-T

2026-03-30 Python ★ 1953

AI Summary: POC-T (Pentest Over Concurrent Toolkit) is a versatile framework designed for penetration testing that facilitates concurrent tasks such as data collection, web crawling, brute-force attacks, and bulk PoC management. Its notable features include support for both multithreading and Gevent concurrency modes, simplified script writing without extensive documentation, built-in script extensions, and integration with popular search engine APIs like ZoomEye, Shodan, and Google.


README

POC-T: Pentest Over Concurrent Toolkit


pocsuite3

2026-03-30 Python ★ 3831

AI Summary: pocsuite3 is an open-source framework designed for remote vulnerability testing and proof-of-concept (PoC) development, focused on empowering penetration testers and security researchers. Notable features include a versatile PoC engine supporting multiple execution modes, dynamic loading of PoC scripts and targets from various sources, as well as comprehensive integration with tools like Seebug, Shodan, and ZoomEye. The tool also offers robust capabilities such as plugin support, multi-target loading, and HTTP/SOCKS proxy configuration, making it a powerful asset in the security testing arsenal.

Pompem

2026-03-30 Python ★ 1026

AI Summary: Find exploit tool

power-pwn

2026-03-30 Python ★ 1136

AI Summary: Power Pwn is a comprehensive offensive and defensive security toolset designed for the Microsoft 365 Power Platform and AI services. It includes multiple features such as tenant scanning with PowerDump, backdoor deployment, malware creation without coding, and tools for phishing and misconfiguration testing, providing users with extensive capabilities for security assessment and exploitation in Power Platform environments. Additionally, it offers utilities for enumerating custom GPTs and publicly exposed AI services, enhancing its utility for security professionals.

PowerHub

2026-03-30 PowerShell ★ 826

AI Summary: PowerHub is a post-exploitation tool designed for PowerShell, facilitating the transfer of potentially flagged data during penetration testing engagements. Its notable features include being fileless and stateless, utilizing cert pinning and RC4 encryption for string obfuscation, allowing seamless execution of C# programs in memory, and offering multiple methods to bypass AMSI. The tool simplifies processes such as running scripts and transferring sensitive information like Kerberos tickets or passwords, either through command line or a web interface, enhancing collaboration for testing teams.

PowerShell-for-Hackers

2026-03-30 PowerShell ★ 1448

AI Summary: PowerShell for Hackers is a repository of customizable PowerShell functions designed to aid in developing payloads for security testing and ethical hacking. Key features include a variety of functions with descriptions, usage examples, and accompanying video tutorials, which facilitate the creation of payloads for diverse scenarios such as system manipulation, desktop interactions, and data concealment. This collection emphasizes community collaboration, allowing users to contribute their own functions.


README

2022 Hak5 hacker of the Year


Powershell-RAT

2026-03-30 Python ★ 1180

AI Summary: Powershell-RAT is a Python-based remote access tool designed for red team engagements to backdoor Windows machines. Its primary use case involves tracking user activity through screen captures and exfiltrating data via email attachments using Gmail. Key features include stealthy operation, the ability to execute tasks such as taking screenshots and scheduling tasks, and a comprehensive “Hail Mary” option for automated execution.


README

Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment.

pretender

2026-03-30 Go ★ 1276

AI Summary: pretender is a versatile tool designed for executing man-in-the-middle (MitM) attacks by spoofing local name resolutions and performing DHCPv6 DNS takeover. It specializes in relaying attacks primarily against Windows hosts, leveraging protocols such as mDNS, LLMNR, and NetBIOS-NS spoofing. Notable features include the ability to log network queries in dry run mode, tailored domain responses, and integration with relaying tools like Impacket’s ntlmrelayx.py and krbrelayx.


README

pretender

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover
as well as mDNS, LLMNR and NetBIOS-NS spoofing

PrivEsc

2026-03-30 C ★ 987

AI Summary: PrivEsc is a collection of privilege escalation scripts and exploits designed for Windows, Linux, and MySQL environments. Its primary use case is to help security professionals identify and exploit privilege escalation vulnerabilities in various systems. Notable features include compatibility with multiple operating systems and exploitation capabilities tailored for common service vulnerabilities.


README

PrivEsc by 1N3@CrowdShield

http://crowdshield.com

ABOUT:

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

PrivescCheck

2026-03-30 PowerShell ★ 3776

AI Summary: PrivescCheck is a PowerShell script designed for identifying common Windows vulnerabilities and configuration issues outside the scope of public security standards, facilitating exploitation and post-exploitation tasks. It allows users to run various checks—including basic, extended, and audit checks—generate human-readable reports in multiple formats (TXT, HTML, CSV, XML), and includes options for silent execution and risky checks, making it suitable for penetration testing, research, and auditing purposes. Notably, the tool performs context-aware access control checks to provide accurate findings based on the current user’s privileges.

PsMapExec

2026-03-30 PowerShell ★ 1173

AI Summary: PsMapExec is a PowerShell-based post-exploitation framework designed to facilitate penetration testing within Active Directory environments. It offers enhancements over similar tools like CrackMapExec and NetExec, allowing for comprehensive Active Directory enumeration and management with a user-friendly interface. The tool is self-contained, making it suitable for use in restricted environments, and emphasizes adherence to ethical guidelines and consent when utilized for security assessments.


README

PsMapExec


pspy

2026-03-30 Go ★ 5942

AI Summary: pspy is an unprivileged Linux process monitoring tool that allows users to observe commands executed by other processes, including cron jobs, in real-time without requiring root access. It leverages procfs scans and inotify filesystem watchers to detect short-lived processes and can be particularly useful for system enumeration in Capture The Flag (CTF) challenges, as well as for demonstrating secure coding practices regarding command-line argument handling. Notable features include customizable process and filesystem event monitoring, with options for output formatting and scan intervals.

psudohash

2026-03-30 Python ★ 1426

AI Summary: Psudohash is a customizable password list generator designed for orchestrating brute force attacks and cracking hashes by mimicking human password creation patterns. Key features include in-order and all-order combinations of keyword permutations, leet character substitution, common padding value additions, and filtering options based on word length, making it particularly effective for pentesting corporate environments where standard naming conventions are often used in passwords.


README

psudohash


Cool New Features of v1.1.0

Special thanks to DavidAngelos:
▶️ Added a progress bar in every step to track execution.
▶️ Added options:

pwn_jenkins

2026-03-30 Python ★ 2091

AI Summary: Pwn_jenkins is a tool designed for exploiting various remote code execution vulnerabilities within Jenkins instances, specifically targeting misconfigurations and outdated versions. It enables authenticated and unauthenticated access to sensitive files, allows for arbitrary command execution via deserialization exploits, and identifies authentication bypass issues through crafted requests. Notable features include support for multiple CVEs, including CVE-2014-23897 and CVE-2019-1003002, making it a comprehensive toolkit for assessing the security of Jenkins environments.

pwnagotchi

2026-03-30 Python ★ 2601

AI Summary: Pwnagotchi is a Raspberry Pi-based tool designed for capturing WPA key material from Wi-Fi networks using passive and active techniques, generating PCAP files compatible with hashcat for cracking. Notable features include the ability to perform full and half WPA handshake captures, utilize PMKID attacks, and facilitate communication between multiple Pwnagotchi units through a custom protocol. The tool has removed AI components to enhance stability and battery life during operation.

pwncat

2026-03-30 Shell ★ 1934

AI Summary: Pwncat is a powerful networking tool that enhances the capabilities of traditional netcat by incorporating advanced features such as evasion techniques for firewalls and intrusion detection/prevention systems, along with support for both bind and reverse shells. Its self-injecting shell functionality and extensive scripting support using Python make it particularly effective for penetration testing and exploitation scenarios. Notably, it facilitates seamless port forwarding and maintains a user-friendly interface for enhanced usability in complex network environments.

pythem

2026-03-30 Python ★ 1244

AI Summary: pythem is a versatile penetration testing framework written in Python, designed for use by security researchers and professionals to conduct various security assessments within legal boundaries. Notable features include support for attacks such as ARP spoofing, DNS manipulation, brute force attacks on SSH and web forms, as well as tools for exploit development and packet filtering. The framework can be installed on Debian-based Linux distributions, or run as a Docker container, facilitating accessibility and ease of deployment.

Raccoon

2026-03-30 Python ★ 3525

AI Summary: Raccoon is an offensive security tool designed for reconnaissance and information gathering, offering a wide range of features like DNS enumeration, WHOIS lookup, TLS data analysis, port scanning, and directory fuzzing. With support for asynchronous scanning via Python’s asyncio and anonymity through Tor/proxies, it provides efficient and robust scanning capabilities while organizing outputs by target and scan type. Additionally, it leverages default wordlists from SecLists for various reconnaissance tasks, enhancing its operational effectiveness.

rapidscan

2026-03-30 Python ★ 2049

AI Summary: RapidScan is a multifaceted web vulnerability scanner that automates the execution of various security scanning tools to efficiently uncover and assess vulnerabilities in web applications. Notable features include its one-step installation, support for multiple tools like nmap and nikto, the ability to correlate results to reduce false positives, and the provision of detailed vulnerability definitions and remediation strategies. The tool is designed to streamline the penetration testing process, saving valuable time while offering comprehensive reporting and future plans for AI-driven tool deployment based on detected issues.

reconmap

2026-03-30 JavaScript ★ 919

AI Summary: Reconmap is an open-source penetration testing management and automation platform that aids security professionals throughout the engagement lifecycle by efficiently planning, executing, and reporting on security assessments. Its notable features include real-time execution and scheduling of security commands, automated output capture, vulnerability tracking, and the generation of professional reports in multiple formats, all aimed at streamlining workflows and enhancing collaboration among InfoSec teams.


README

Reconmap


Reconnoitre

2026-03-30 Python ★ 2189

AI Summary: Reconnoitre is a reconnaissance tool designed for automating information gathering and service enumeration tailored for OSCP labs. Its primary use case involves creating a structured directory for storing results, findings, and recommended commands for each target host while offering features like DNS and SNMP sweeps, service scanning, and virtual host discovery using customizable wordlists. The tool emphasizes ease of use and flexibility, allowing users to execute tailored reconnaissance operations efficiently.

RecoverPy

2026-03-30 Python ★ 1748

AI Summary: RecoverPy is a data recovery tool that scans raw disk partitions to recover deleted files by directly inspecting disk blocks and searching for specific byte patterns. Designed primarily for forensic data recovery, it allows users to navigate adjacent blocks to retrieve fragmented data while ensuring that the entire scanning process is memory-efficient and focused solely on raw data, without attempting any filesystem interpretations. Notably, it facilitates efficient block inspection and content extraction, though success depends on the integrity of the underlying disk blocks.

Red-Team-Infrastructure-Wiki

2026-03-30 ★ 4464

AI Summary: The Red Team Infrastructure Wiki provides comprehensive guidance for establishing a robust and resilient Red Team infrastructure, aimed at enhancing operational effectiveness in adversarial engagements. Notable features include detailed design considerations for functional segregation, integration of redirectors for obscured communication, and streamlined deployment strategies for phishing and command and control (C2) operations. This resource is particularly valuable for enhancing agility against defensive measures during long-term engagements and during active incident responses.

Red-Teaming-Toolkit

2026-03-30 ★ 10211

AI Summary: The Red Teaming Toolkit is an open-source collection of security tools designed to facilitate adversary simulation and enhance threat hunting capabilities. It features various tools organized by categories including reconnaissance, initial access, and lateral movement, providing functionalities such as port scanning, OSINT gathering, and credential dumping. The toolkit serves both security practitioners aiming to test network defenses and those looking to improve detection and prevention mechanisms against potential threats.

redamon

2026-03-30 Python ★ 1672

AI Summary: RedAmon is an autonomous AI framework designed for seamless cybersecurity operations that integrate reconnaissance, exploitation, and post-exploitation processes into a streamlined pipeline. It stands out by automatically triaging findings, applying code fixes, and generating pull requests in repositories, ensuring human oversight at critical junctures. Its notable features include support for over 38 security tools, integration with major vulnerability scanners, and configurable autonomy to adapt to various security assessment needs.

redsnarf

2026-03-30 PowerShell ★ 1213

AI Summary: RedSnarf is a penetration testing and red team tool designed for the extraction of hashes and credentials from Windows environments, including workstations, servers, and domain controllers, utilizing operationally safe techniques. Key features include the retrieval of local SAM hashes, enumeration of users with elevated privileges, and capabilities for hash spraying, LSASS dumps, and remote management functions like enabling/disabling RDP and clearing event logs. The tool focuses on efficient credential collection and strengthening post-exploitation analysis while maintaining a low profile during operations.

RedTeam-Tools

2026-03-30 ★ 8608

AI Summary: RedTeam-Tools is a comprehensive repository containing over 150 tools and resources specifically designed for red teaming activities, encompassing both targeted tools and general-purpose utilities adaptable for offensive operations. Notable features include a variety of specialized tips for advanced red team techniques, as well as tools for reconnaissance, exploitation, and post-exploitation, catering to a wide range of attack vectors and methodologies. This collection serves as both a practical toolkit and an educational resource for those engaged in offensive cybersecurity practices.

RedTeaming-Tactics-and-Techniques

2026-03-30 PowerShell ★ 4518

AI Summary: This repository contains personal notes focused on red teaming and offensive security, emphasizing practical experiments with various penetration testing techniques and tools in a controlled lab environment. It covers a range of methodologies, including code execution, defense evasion, and lateral movement, while aiming to enhance understanding of cyber attacks and malware development. Notable features include a commitment to referencing other researchers’ work and a critical approach to self-learning through experimentation and documentation.

remote-method-guesser

2026-03-30 Java ★ 915

AI Summary: The remote-method-guesser (rmg) is a Java RMI vulnerability scanner designed to identify and verify common security vulnerabilities on Java RMI endpoints. It features practical examples, including servers that facilitate testing for standard RMI services, SSRF attacks, and Spring Remoting integration, making it a valuable tool for penetration testers and security researchers. The tool’s compatibility with Docker allows for efficient setup and execution of security assessments in isolated environments.

rengine

2026-03-30 HTML ★ 8533

AI Summary: reNgine is a comprehensive web reconnaissance and vulnerability scanning tool aimed at security professionals, penetration testers, and bug bounty hunters. It features a highly configurable engine, data correlation capabilities, continuous monitoring, and a database-backed reconnaissance system, with the latest update including enhancements like a bounty hub integration, subdomain enumeration tools, and customizable reporting templates. This tool streamlines the reconnaissance process, enhancing efficiency and effectiveness in identifying vulnerabilities across web applications.

resolvers

2026-03-30 ★ 972

AI Summary: Resolvers is an extensive repository of validated DNS resolvers designed for use in DNS enumeration tasks, catering primarily to security professionals and penetration testers. The tool offers various lists, including a simple resolver list, an extended version with detailed metadata about each resolver, and a selection of trusted resolvers from reputable organizations like Cloudflare and Google. Notably, it employs a robust validation process using multiple instances of dnsvalidator to ensure the reliability of the resolver data, which is continuously updated through community contributions.

Resources-for-Beginner-Bug-Bounty-Hunters

2026-03-30 ★ 11918

AI Summary: The “Resources-for-Beginner-Bug-Bounty-Hunters” repository serves as a comprehensive guide for individuals entering the realm of web hacking and bug bounty hunting. It features a curated selection of tools, tips, and resources aimed at enhancing the skills of both novice and experienced hunters, with notable sections on vulnerability types, testing environments, and coding resources. Additionally, the repository includes links to educational courses and community engagement platforms to foster learning and collaboration.

reverse_ssh

2026-03-30 Go ★ 1341

AI Summary: Reverse SSH is a tool designed for establishing reverse shells using SSH, enabling secure connections for remote management and file transfer. Its primary use case revolves around providing a reliable method for accessing and controlling remote systems, featuring capabilities such as dynamic port forwarding, native SCP/SFTP support, and multiple network transports like HTTP and TLS. Notable features include mutual client-server authentication, a full Windows shell experience, and advanced functionalities like fileless execution and built-in HTTP server capabilities for dynamic client generation.

reverse-shell

2026-03-30 Go ★ 2031

AI Summary: reverse-shell is a tool that facilitates setting up reverse shells on Unix-like systems, primarily intended for penetration testing and educational purposes. It automatically detects the target’s available software to execute the appropriate payload, enabling users to bypass firewalls and gain remote shell access effortlessly. Notable features include ease of use with commands for listening and executing reverse shells, options for reconnecting after disconnection, and the ability to run in the background to avoid detection.

reverse-ssh

2026-03-30 Go ★ 1039

AI Summary: ReverseSSH is a lightweight, statically-linked SSH server designed for establishing reverse connections, primarily useful for remote access during CTFs and penetration tests like the OSCP exam. It offers fully interactive shell access, file transfer through SFTP, and supports various port forwarding options, making it a versatile tool for bridging initial access with privilege escalation on target systems running Unix or Windows. Notable features include its compact size of less than 1.5MB and compatibility with both operating systems, enhancing its utility in diverse environments.

ReverseAPK

2026-03-30 Shell ★ 843

AI Summary: ReverseAPK is a tool designed for the analysis and reverse engineering of Android applications, enabling users to quickly decompile APK files into Java and Smali formats. Its notable features include static source code analysis to identify common vulnerabilities, automatic extraction of files, and comprehensive evaluation of the AndroidManifest.xml for security risks associated with application behavior.


README


ReverseAPK

Credits: @xer0dayz

Website: https://sn1persecurity.com

Version: 1.2

ABOUT:

Quickly analyze and reverse engineer Android applications.

ruler

2026-03-30 Go ★ 2303

AI Summary: Ruler is a remote interaction tool designed for Exchange servers, exploiting MAPI/HTTP and RPC/HTTP protocols to manipulate Outlook features for shell access. Its primary use case includes enumerating valid users, creating malicious mail rules, and executing VBScript via Outlook forms or home pages. Notable features include the ability to leverage the Autodiscover service for efficient interaction and a variety of built-in functions for customized exploitation.


README

Introduction

Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol. The main aim is to abuse the client-side Outlook features and gain a shell remotely.

rustcat

2026-03-30 Rust ★ 807

AI Summary: Rustcat is a versatile port listener and reverse shell utility compatible with Linux, MacOS, and Windows, designed to simplify remote command execution. Notable features include an interactive mode with command history, tab completion, and CTRL-C blocking, which enhance user experience during shell operations. It provides two primary modes of operation: listening for incoming connections and establishing reverse shells for remote system access.


README

rustcat - The modern port listener and reverse shell


RustHound

2026-03-30 Rust ★ 1136

AI Summary: RustHound is a cross-platform BloodHound collector tool developed in Rust, designed to generate data about users, groups, computers, OUs, GPOs, and containers for analysis within BloodHound. It operates silently without detection by antivirus software and is suitable for environments where SharpHound is blocked or incompatible. Notable features include its ability to run on Linux, Windows, and macOS, along with a range of compile options, including Docker support and static binary generation.

RustScan

2026-03-30 Rust ★ 19522

AI Summary: RustScan is an advanced port scanner designed for high-speed operation, capable of scanning all 65,000 ports in just 3 seconds. Its notable features include a flexible scripting engine that supports Python, Lua, and Shell for automated processing, as well as adaptive learning capabilities that enhance its performance over time, making it a highly effective tool for network security assessments.



scan4all

2026-03-30 Go ★ 5976

AI Summary: scan4all is a versatile cybersecurity tool designed for automated web scanning and vulnerability detection, integrating various tools such as vscan, nuclei, and subfinder. It supports a wide range of protocols for password blasting and includes built-in detection capabilities for over 15,000 proof-of-concept (PoC) exploits. Built on Golang, it is cross-platform, lightweight, customizable, and features intelligent scanning mechanisms that optimize performance while ensuring comprehensive coverage of vulnerabilities.



Scanners-Box

2026-03-30 ★ 8868

AI Summary: Scanners Box is a comprehensive hacker toolkit that consolidates over 335 open-source scanners across various categories, such as subdomain enumeration, SQL injection vulnerability detection, and malware detection. The tool is designed for modular vulnerability assessment and does not include well-known scanning tools like Nmap or Metasploit, focusing instead on specialized scanning capabilities. Notable features include AI-powered autonomous scanners, dynamic and static code analysis, and comprehensive scanning for web applications and IoT devices.

scilla

2026-03-30 Go ★ 1225

AI Summary: Scilla is an information gathering tool designed for DNS, subdomains, ports, and directories enumeration. Its primary use case is for penetration testing, providing capabilities for extensive reconnaissance on target domains. Notable features include customizable wordlists for subdomain and directory enumeration, multiple output formats, and ease of installation through various methods such as Homebrew, Snap, and Docker.


README


🏴‍☠️ Information Gathering tool 🏴‍☠️ - DNS / Subdomains / Ports / Directories enumeration

Coded with 💙 by edoardottt

sectemplates

2026-03-30 ★ 897

AI Summary: SecTemplates is a resource repository designed for infosec professionals and engineering teams lacking dedicated security personnel, providing templates for various security programs such as bug bounties, incident response, and vulnerability management. The tool offers structured starting points including checklists, runbooks, and document templates, facilitating the establishment and scaling of security initiatives while maintaining neutrality towards specific vendors. Content is freely available for personal and commercial use, barring resale in other products.

security

2026-03-30 ★ 866

AI Summary: The “security” repository serves as a compilation of security research and writing contributions by the author, highlighting vulnerabilities across various software platforms including Vim, Chrome, and Firefox. Its primary use case is to document security issues and provide insights via detailed write-ups and analysis, particularly related to Capture The Flag (CTF) challenges. Notable features include links to CVEs, write-ups of specific vulnerabilities, and a collection of past security issues relevant to major web browsers.

security-study-plan

2026-03-30 ★ 4911

AI Summary: The Jassics Security Study Plan repository provides a comprehensive roadmap for aspiring cybersecurity engineers, covering various roles such as penetration testing, application security, cloud security, and DevSecOps. It offers structured study plans that include both free and paid resources, tools, and key concepts necessary to excel in the field. Notable features include detailed plans for specialized areas like AWS, GCP, and threat modeling, along with common skills assessments to help learners gauge their progress.

security-tools

2026-03-30 Python ★ 914

AI Summary: security-tools is a collection of small security utilities developed in Python and Bash, aimed at assisting CTF competitors, bug bounty hunters, penetration testers, and developers. The primary use case is to facilitate various security tasks and streamline the testing process. Notable features include a diverse range of tools tailored for different security challenges and scenarios.


README

security-tools

Small security related tools created in Python and Bash for CTF players, bug bounty hunters, pentesters and developers.

server

2026-03-30 PHP ★ 1727

AI Summary: Hashtopolis is a client-server tool designed for distributing hashcat tasks across multiple computers, facilitating efficient password cracking on a scalable architecture. Notable features include multi-user support, a web-based administration interface, customizable agents, and strong security measures including agent trust levels and “secret” file handling. It utilizes an HTTP(S) communication protocol with a JSON-based configuration, enhancing usability and compatibility with common web hosting setups.


README

Hashtopolis


Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts:

SessionGopher

2026-03-30 PowerShell ★ 1316

AI Summary: SessionGopher is a PowerShell-based tool designed to retrieve and decrypt saved session information from remote access applications like PuTTY, WinSCP, FileZilla, and RDP. Its primary use case is for security assessments to identify systems that may connect to sensitive environments such as Unix systems or remote desktops. Notable features include thorough filesystem searches for private key files and the ability to run queries across multiple hosts or domain-joined systems, with results conveniently outputted to CSV files.

shannon

2026-03-30 TypeScript ★ 34862

AI Summary: Shannon is an autonomous AI penetration testing tool designed for web applications and APIs, capable of performing white-box security assessments through source code analysis and real exploit execution. It identifies potential vulnerabilities such as injection attacks and authentication bypasses, generating reports that include only verified exploits with reproducible proof-of-concept evidence. Key features include fully automated operation, OWASP vulnerability coverage, and integrated security tooling, making it suitable for continuous security testing throughout the software development lifecycle.

shortscan

2026-03-30 Go ★ 1135

AI Summary: Shortscan is an IIS short filename enumeration tool that rapidly identifies files with short filenames on an IIS web server and attempts to discover their corresponding full filenames using a unique checksum matching method. Its notable features include support for custom headers, concurrency settings, and vulnerability checks without full file enumeration, as well as the ability to utilize custom wordlists and generate rainbow tables through an accompanying utility named shortutil.

skanuvaty

2026-03-30 Rust ★ 923

AI Summary: Skanuvaty is a high-performance DNS/network/port scanning tool that allows users to quickly analyze a domain by discovering its subdomains and resolving their corresponding IPs. Notable features include support for concurrent scans, with the ability to test thousands of subdomains within seconds, and the generation of a comprehensive output file in JSON format for further analysis.


README

Skanuvaty

Dangerously fast dns/network/port scanner, all-in-one.

Demonstration

Start with a domain, and we’ll find everything about it.

slowloris

2026-03-30 Python ★ 2768

AI Summary: Slowloris is a Python tool designed to execute HTTP Denial of Service attacks against threaded servers by maintaining numerous open connections through periodic header transmissions, thereby exhausting the server’s thread pool. It supports SOCKS5 proxy connections for enhanced anonymity and offers various configuration options such as socket count, random user agents, and logging verbosity to customize the attack parameters. This tool is primarily used for testing the resilience of web servers against DoS attacks.

sn0int

2026-03-30 Rust ★ 2417

AI Summary: sn0int is a semi-automatic OSINT framework and package manager designed for IT security professionals and researchers to gather intelligence on targets or themselves. It facilitates the enumeration of attack surfaces by processing public information through flexible, modular analysis tools and provides features such as subdomain harvesting, IP address enrichment, login breach discovery, and social media profile analysis. Its extensible architecture allows users to create and share custom modules, enhancing its versatility in investigations.

Sn1per

2026-03-30 Shell ★ 9634

AI Summary: Sn1per is an automated penetration testing and attack surface management tool that enhances vulnerability scanning by integrating both commercial and open-source scanners to identify hidden assets and vulnerabilities within an organization’s environment. It streamlines the security assessment process through automation, providing deep and continuous security insights suitable for organizations of all sizes. Notable features include its capability to discover and prioritize risks, saving time and resources in the vulnerability management lifecycle.

social-analyzer

2026-03-30 JavaScript ★ 22346

AI Summary: Social Analyzer is an OSINT tool designed to analyze and locate a person’s profiles across over 1000 social media platforms via an API, CLI, or web application. Its primary use case includes investigating potential malicious activities like cyberbullying and misinformation dissemination through sophisticated detection modules that yield a confidence rating. Notable features include multi-profile searches, various detection techniques (such as OCR and advanced algorithms), and customizable queries for enhanced data extraction and analysis.

SocialFish

2026-03-30 CSS ★ 4699

AI Summary: SocialFish is a phishing tool primarily designed for educational purposes, allowing users to create customizable social engineering attack vectors. It features a user-friendly interface and supports Docker for easy deployment. The tool enables users to simulate phishing attacks to assess and enhance security awareness and defenses against social engineering threats.


README

SocialFish

Are you looking for SF’s mobile controller? UndeadSec/SocialFishMobile

Are you looking for SF’s old version (Ngrok integrated)? UndeadSec/SociaFish/…/sharkNet

SpiderSuite

2026-03-30 ★ 943

AI Summary: SpiderSuite is an advanced cross-platform web crawling tool specifically crafted for security professionals, facilitating comprehensive web audits and vulnerability assessments. Notable features include ease of installation, user-friendly documentation, and a feature-rich environment tailored for first-time users. The tool aims to enhance security testing processes through efficient crawling capabilities.


README

Roadmap

SpiderSuite is an advanced cross-platform and multi-feature web crawler designed for security professionals. For more information visit SpiderSuite’s website.

spoilerwall

2026-03-30 Python ★ 761

AI Summary: Spoilerwall is a network hardening tool that obscures open ports by serving movie spoilers whenever a scan is performed, effectively misleading potential attackers. Its primary use case is to create a deceptive environment that appears vulnerable but instead provides mundane content, deterring unwanted attention and scans. Notable features include customizable spoiler content, easy server setup, and the ability to redirect all TCP traffic to the Spoilerwall service, enhancing security through obfuscation.

Spoofy

2026-03-30 Python ★ 750

AI Summary: Spoofy is a Python-based tool designed to evaluate the spoofability of domains by analyzing their SPF and DMARC records. It features authoritative lookups with a known DNS fallback, accurate bulk processing, and a customizable spoof logic derived from real-world testing, enabling users to conduct comprehensive assessments of domain security configurations. Additionally, Spoofy offers DKIM selector enumeration via API as an optional feature, making it a valuable resource for cybersecurity assessments.

sqlmap

2026-03-30 Python ★ 36950

AI Summary: sqlmap is an open-source penetration testing tool designed for automating the detection and exploitation of SQL injection vulnerabilities in web applications. It features a robust detection engine with capabilities such as database fingerprinting, data extraction, file system access, and command execution through out-of-band connections, making it a comprehensive tool for security professionals. The tool is compatible with Python 2.7 and 3.x, ensuring broad platform support.


README

sqlmap

SSRF-Testing

2026-03-30 Python ★ 2481

AI Summary: SSRF-Testing is a tool designed for testing and exploiting Server Side Request Forgery (SSRF) vulnerabilities. It provides a variety of resources, including quick URL bypass methods, custom HTTP response generation, and a minimal web server setup for testing different response codes across various file types. Notably, it also includes an IP encoding utility to facilitate testing within whitelisted domains.


README

SSTImap

2026-03-30 Python ★ 1439

AI Summary: SSTImap is a penetration testing tool designed to identify and exploit Server-Side Template Injection (SSTI) vulnerabilities in web applications. Its notable features include an interactive mode for enhanced exploitation, support for various programming languages and template engines, and a modular plugin architecture allowing for extensibility. The tool enables advanced exploitation techniques, including the use of generic payloads and evaluation scenarios.


README

SSTImap

Version 1.3 | Python 3.13 | Python 3.6

stegseek

2026-03-30 C++ ★ 1255

AI Summary: Stegseek is a high-performance steghide cracker designed to efficiently extract hidden data from files, achieving remarkable speeds by leveraging a comprehensive wordlist, such as rockyou.txt, to crack passwords in under two seconds. Its primary use case includes both password cracking and the detection of steghide metadata without requiring passwords, enabling users to ascertain file contents speedily. Notable features include the ability to brute-force the random number generator used in steghide to recover unencrypted files and detailed metadata extraction.

Stowaway

2026-03-30 Go ★ 3345

AI Summary: Stowaway is a multi-tier proxy tool written in Go, designed specifically for penetration testers to route external traffic through multiple nodes into an internal network, thereby overcoming access restrictions. Notable features include user-friendly command-line interface, tree structure node management, support for various connection types (socks5, HTTP, SSH), traffic encryption using TLS/AES-256-GCM, and capabilities for remote shell, file transfer, and port mapping, all while maintaining compatibility across multiple platforms such as Linux, Mac, and Windows.

subjack

2026-03-30 Go ★ 2036

AI Summary: Subjack is a DNS takeover scanner written in Go, designed for the concurrent scanning of domain lists to identify registrable domains vulnerable to hijacking. It features detection capabilities for various vulnerability types including CNAME takeovers, NS delegation issues, stale A records, and more, allowing security professionals to assess the risk of domain takeovers effectively. With an emphasis on speed and efficiency, Subjack provides functionalities such as customizable concurrency and thorough output options to facilitate large-scale testing.

sublert

2026-03-30 Python ★ 1028

AI Summary: Sublert is a Python-based security tool designed for monitoring new subdomains associated with specific organizations by leveraging certificate transparency. It facilitates automated alerts to a Slack workspace for newly identified subdomains and includes functionalities for DNS resolution to verify active subdomains. Key features include periodic monitoring, configuration options for concurrent threads, and logging capabilities.


README

                                   _____       __    __          __
                                  / ___/__  __/ /_  / /__  _____/ /_
                                  \__ \/ / / / __ \/ / _ \/ ___/ __/
                                 ___/ / /_/ / /_/ / /  __/ /  / /_
                                /____/\__,_/_.___/_/\___/_/   \__/

                                    Author: Yassine Aboukir
                                        Version: 1.4.7

SubOver

2026-03-30 Go ★ 962

AI Summary: SubOver is a Golang-based tool designed for detecting potential subdomain takeovers across more than 30 services, leveraging Go’s concurrency for enhanced speed and efficiency. Its primary use case is for security professionals conducting assessments of web applications to identify vulnerable subdomains that can be hijacked. Notable features include a comprehensive service list, customizable concurrent threads, and a straightforward command-line interface for easy operation.


README

SubOver

Note - This project is discontinued. No more updates will be provided! Sorry!

But something more awesome will come soon!

subscraper

2026-03-30 Python ★ 940

AI Summary: SubScraper is a subdomain enumeration tool designed for penetration testers and bug bounty hunters, enabling the discovery of an organization’s attack surface through multiple techniques. It supports DNS resolution, HTTP(S) requests, and CNAME lookups, along with modular support for various data sources and the capability to handle multiple targets. Key features include compatibility with Windows CLI, output formatting in .txt or .csv, and easy extensibility to add new enumeration methods.

SUDO_KILLER

2026-03-30 Shell ★ 2446

AI Summary: SUDO_KILLER is a cybersecurity tool designed for professionals such as pentesters and security auditors, focusing on privilege escalation vulnerabilities in Linux systems related to SUDO configuration and usage. It manually identifies issues such as misconfigurations, risky binaries, and version-based vulnerabilities (CVEs), enabling users to exploit these weaknesses for gaining root-level privileges. The tool provides a detailed checklist of potential local exploits and requires users to perform the exploitation process manually, ensuring a controlled approach to privilege escalation testing.

Sudomy

2026-03-30 Shell ★ 2353

AI Summary: Sudomy is a subdomain enumeration and analysis tool designed for advanced automated reconnaissance and OSINT activities. It features both active and passive enumeration methods, utilizing efficient techniques such as DNS brute-forcing via Gobuster and data collection from 22 curated third-party sources. Additional capabilities include subdomain testing, virtual host classification, port scanning, and technology identification, making it a comprehensive solution for penetration testing and bug bounty applications.


README

Sudomy

SwiftnessX

2026-03-30 JavaScript ★ 916

AI Summary: SwiftnessX is a cross-platform note-taking and target-tracking application designed specifically for penetration testers, built on the ElectronJS framework. It features customizable checklists, including the OWASP Testing Checklist, and allows users to import/export their checklists, enhancing organized documentation throughout the penetration testing process. The tool aims to streamline the workflow for security professionals by providing a unified interface for managing testing notes and methodologies.


README


Swiftness
SwiftnessX v0.2

THC-Archive

2026-03-30 HTML ★ 757

AI Summary: THC-Archive is a repository that consolidates all releases from The Hacker’s Choice, a prominent security research group. This collection serves as a backup for their work, ensuring that projects are preserved despite the lack of a full web server. Notable active projects include THC-Hydra, THC-IPv6, and utilities aimed at various hacking and security tasks.


README

THC-Archive

All releases of the security research group (a.k.a. hackers) The Hacker’s Choice

thc-hydra

2026-03-30 C ★ 11756

AI Summary: THC-Hydra is a versatile password-cracking tool designed for testing the security of various network services by attempting to gain unauthorized access through brute-force attacks. It supports multiple protocols, including FTP, HTTP, SSH, and many others, enabling security researchers and consultants to evaluate password strength and recognize vulnerabilities across a wide range of applications. Notable features include its ability to conduct parallelized connection attempts and an extensible module engine for easy addition of new protocols.

TIDoS-Framework

2026-03-30 Python ★ 1848

AI Summary: TIDoS is an advanced offensive web application penetration testing framework designed to facilitate comprehensive security assessments by automating tasks across multiple phases, including reconnaissance, scanning, and vulnerability analysis. With over 100 modules and features such as multiprocessing for performance enhancement, a Metasploit-like console interface, and a graphical user interface, TIDoS streamlines the penetration testing process, enabling users to conduct efficient and thorough web application security assessments with minimal configuration. Additional capabilities like Tor integration further enhance anonymity during testing efforts.

TOP

2026-03-30 Shell ★ 721

AI Summary: TOP is a vulnerability cataloging tool designed for bug bounty hunters and penetration testers, focusing on proof-of-concept (PoC) exploits for various Common Vulnerabilities and Exposures (CVEs) from recent years. It compiles a list of notable CVEs along with their respective exploits and corresponding GitHub repositories, thereby facilitating ease of access and research for security professionals. Key features include organized yearly summaries of significant vulnerabilities, making it an essential resource for monitoring and exploiting security weaknesses.

top25-parameter

2026-03-30 ★ 1824

AI Summary: The “top25-parameter” repository provides a curated list of the 25 most commonly vulnerable parameters associated with various web security vulnerabilities, including Cross-Site Scripting (XSS), SQL Injection (SQLi), and Server-Side Request Forgery (SSRF). It is intended for use in both manual reconnaissance and automation tools, supported by data sourced from OSINT and articles in the cybersecurity community. Notable features include organized parameters for different vulnerabilities, aiding security researchers and practitioners in identifying and mitigating risks effectively.

username-anarchy

2026-03-30 Ruby ★ 1346

AI Summary: Username Anarchy is a command-line tool designed for generating potential usernames during penetration testing, crucial for user account/password brute force attacks and username enumeration. It features a flexible plugin architecture for various username formats, utilizes common first and last names databases from external sources, and allows for name substitutions to maximize coverage when only partial user information is known. This tool supports input from multiple formats and automates name generation based on country datasets or popular social media aliases.

V3n0M-Scanner

2026-03-30 Python ★ 1564

AI Summary: V3n0M-Scanner is an offensive security framework designed for vulnerability scanning and penetration testing, offering a Python-based toolkit that operates across both Linux and Windows platforms. Notable features include advanced scanning capabilities for SQL injection, local file inclusion to remote code execution, and a Cloudflare resolver, along with extensive target lists and efficient scanning of potentially millions of IPs for known vulnerabilities. The tool is open-source and aims to provide transparency and ease of use for security professionals.

Venom

2026-03-30 Go ★ 2153

AI Summary: Venom is a multi-hop proxy tool designed for penetration testers, built using Go, which allows the connection of multiple nodes to facilitate multi-layer traffic routing. Key features include a visual network topology, multi-level SOCKS5 proxying, interactive shell access, and secure communication between nodes, making it ideal for managing complex internal networks during security assessments. The tool supports various platforms and architectures, enhancing its versatility for engagements in diverse environments.

VHostScan

2026-03-30 Python ★ 1286

AI Summary: VHostScan is a virtual host scanner designed to enhance the discovery of virtual hosts and identify catch-all scenarios, aliases, and dynamic default pages. This tool is particularly useful for penetration testers and security professionals, as it features a modernized codebase, improved wordlists for various environments, robust error handling, and performance optimizations. Notable capabilities include support for both HTTP and HTTPS, customizable wordlist inputs, and the ability to identify new targets through reverse lookups.

Villain

2026-03-30 Python ★ 4357

AI Summary: Villain is a high-level C2 framework designed for managing multiple reverse TCP and HoaxShell-based shells, allowing users to enhance shell functionality and share features across different instances. Notable features include customizable payload generation, a dynamic pseudo-shell prompt for session management, file upload capabilities, fileless script execution, and a built-in Session Defender to prevent user errors during command input. The tool is primarily aimed at ethical hacking and penetration testing, ensuring users operate within legal boundaries.

vulnx

2026-03-30 Python ★ 2091

AI Summary: VulnX is an intelligent bot designed for automatic shell injection that identifies vulnerabilities across various content management systems (CMS). Key features include multi-threaded vulnerability scanning, target information gathering, subdomain enumeration, and the ability to search for exploits using dorks, which streamline the injection process as opposed to manual methods. The tool supports multiple CMS platforms, enhancing its usability for security assessments and penetration testing.


README


VulnX

Vulnx 🕷️ is an intelligent bot auto shell injector that detects vulnerabilities in multiple types of CMS.

vulscan

2026-03-30 Lua ★ 3735

AI Summary: Vulscan is a powerful Nmap module that transforms the commonly used network scanning tool into an effective vulnerability scanner by leveraging version detection to identify potential flaws in services. It utilizes various pre-defined vulnerability databases such as VulDB and CVE, with the capability of supporting custom databases for enhanced flexibility. Notable features include automatic updates for vulnerability databases and configurable settings to optimize match priority and version detection.

Web_Hacking

2026-03-30 ★ 760

AI Summary: Web Hacking is a comprehensive repository of notes focused on bug bounty hunting and penetration testing, collating various techniques for vulnerability discovery and exploitation. The tool features extensive reconnaissance and OSINT methods, a detailed list of common vulnerabilities, and bypass techniques, making it a valuable resource for security professionals seeking to enhance their skills and methodologies in web application security. Additionally, it encourages community contributions, fostering continuous improvement and updates of its content.

Web-App-Pentest-Checklist

2026-03-30 ★ 864

AI Summary: The “Web App Pentest Checklist” is a comprehensive OWASP-based tool designed for web application security assessments, featuring over 500 test cases across various categories such as information gathering, configuration management, and vulnerability testing. Its extensive coverage includes methods for reconnaissance, fingerprinting technologies, and testing for security misconfigurations and common vulnerabilities, making it an essential resource for penetration testers. Notable features include detailed checklists for enumerating applications, verifying configurations, and ensuring compliance with security best practices.

Web-Cache-Vulnerability-Scanner

2026-03-30 Go ★ 1164

AI Summary: Web Cache Vulnerability Scanner (WCVS) is a command-line interface tool designed to identify and exploit web cache poisoning and deception vulnerabilities across various web applications. It supports multiple techniques for both attack types, features a crawler for discovering additional URLs, and can be integrated into CI/CD processes to streamline security practices. Notable functionalities include customizable request handling, JSON report generation, and the ability to route traffic through a proxy for enhanced testing versatility.

Web-Fuzzing-Box

2026-03-30 HTML ★ 2688

AI Summary: Web-Fuzzing-Box is a tool designed for web application security testing, offering a diverse collection of dictionaries and payloads for conducting fuzzing attacks, including brute force, directory and file enumeration, and exploitation of web vulnerabilities. Notable features include a comprehensive suite of dictionaries tailored for specific vulnerabilities such as SQL injection, XSS, and authentication bypass, as well as case studies demonstrating the practical application of these resources in real-world scenarios. This tool is particularly valuable for penetration testers and security researchers seeking to enhance their web application assessments.

webanalyze

2026-03-30 Go ★ 1112

AI Summary: Webanalyze is a performance-oriented tool written in Go that identifies technologies used by web applications by analyzing HTTP responses from specified hosts. Its primary use case is for security assessments and technology profiling, supporting bulk analysis of multiple hosts via input files and offering output in various formats such as CSV and JSON. Notable features include the ability to crawl links from a root page, search for subdomains, and download updated app definitions from the Wappalyzer repository.

webkiller

2026-03-30 Python ★ 743

AI Summary: WebKiller V2 is a Python-based tool designed for information gathering and CMS detection in web applications. Its primary use case is to aid cybersecurity professionals in identifying vulnerabilities and obtaining crucial data about target websites. Notable features include a user-friendly command-line interface, compatibility with multiple operating systems, and comprehensive installation instructions.


README

Python 3.5

WebKiller V2

Information gathering tool written in Python.

Preview


    
 ██╗    ██╗███████╗██████╗ ██╗  ██╗██╗██╗     ██╗     ███████╗██████╗ 
 ██║    ██║██╔════╝██╔══██╗██║ ██╔╝██║██║     ██║     ██╔════╝██╔══██╗
 ██║ █╗ ██║█████╗  ██████╔╝█████╔╝ ██║██║     ██║     █████╗  ██████╔╝
 ██║███╗██║██╔══╝  ██╔══██╗██╔═██╗ ██║██║     ██║     ██╔══╝  ██╔══██╗
 ╚███╔███╔╝███████╗██████╔╝██║  ██╗██║███████╗███████╗███████╗██║  ██║
 ╚══╝╚══╝ ╚══════╝╚═════╝ ╚═╝  ╚═╝╚═╝╚══════╝╚══════╝╚══════╝╚═╝  ╚═╝
 ====================================================================
 **                  WebSite : UltraSec.org                        **
 **                  Channel : @UltraSecurity                      **
 **                 Developers : Ultra Security Team               **
 **                   Thank's : .::Shayan::.                       **
 ====================================================================          
          
 [$] Choose one of the options below 

 [1] Information Gathering

 [2] CMS Detection

 [3] Developer :)

 [4] Exit . . .

 ┌─[WEBKILLER~@HOME]
 └──╼ $ 


Operating Systems Tested

  • Kali Linux 2020.1
  • Windows 10
  • Ubuntu 19.10

Install

git clone https://github.com/ultrasecurity/webkiller.git
cd webkiller
pip3 install -r requirements.txt
python3 webkiller.py 

weird_proxies

2026-03-30 Python ★ 1855

AI Summary: Weird Proxies is a comprehensive cheat sheet designed to document the behaviors and vulnerabilities of various reverse proxies, cache proxies, and load balancers. The tool serves as a resource for security professionals analyzing potential security threats and related attack vectors associated with commonly used proxy technologies like Nginx, Apache, and AWS. Notable features include detailed analyses and links to additional research articles, offering practical insights for understanding weaknesses in proxy configurations.

weirdAAL

2026-03-30 Python ★ 839

AI Summary: WeirdAAL (AWS Attack Library) is a tool designed for simulating and performing various attack scenarios specifically targeting Amazon Web Services environments. Its primary use case is to aid security professionals in understanding and mitigating potential vulnerabilities within AWS by utilizing a comprehensive collection of attack vectors. Notable features include extensive documentation and potential integration with other security testing frameworks.


README

WeirdAAL (AWS Attack Library)

wifi-deauth

2026-03-30 Python ★ 821

AI Summary: Wifi-deauth is a cybersecurity tool designed to perform denial-of-service (DoS) attacks by disconnecting all devices from a targeted Wi-Fi network without requiring the network’s password. It operates by sending spoofed deauthentication packets to both the access point and its connected clients, with the capability to operate across multiple channels simultaneously, supporting both 2.4GHz and 5GHz bands. Notable features include the ability to filter attacks by specific SSIDs or BSSIDs, optional usage of multiple interfaces, and tailored channel scanning to enhance attack efficacy.

windows-kernel-exploits

2026-03-30 C ★ 8623

AI Summary: The windows-kernel-exploits repository provides a collection of exploit code snippets for various vulnerabilities in the Windows kernel, leveraging known CVEs to demonstrate potential elevation of privilege and remote code execution attacks. This tool primarily serves security researchers and penetration testers conducting vulnerability assessments on Windows operating systems. Notable features include comprehensive listings of CVEs, along with links to proof-of-concept exploits and detailed descriptions for a wide range of Windows versions.

WinPwn

2026-03-30 PowerShell ★ 3653

AI Summary: WinPwn is a comprehensive PowerShell-based tool designed for internal penetration testing, emphasizing automation and proxy support for reconnaissance and exploitation tasks. Its notable features include modules for session management, credential dumping, local and domain reconnaissance, and privilege escalation checks, alongside the ability to operate offline and integrate well-known offensive security scripts. The tool streamlines the penetration testing process with an interactive menu for selecting various attack methods and extensive built-in reconnaissance capabilities.

wordlists

2026-03-30 ★ 1729

AI Summary: The Trickest Wordlists repository provides a collection of real-world information security wordlists, updated regularly for various technologies including popular CMS platforms and cloud assets. Its primary use case is to assist security professionals in penetration testing and vulnerability assessments by generating wordlists for directory bruteforcing and subdomain enumeration. Notable features include distinct wordlist formats for different scenarios, such as base and all levels for technology-based lists, as well as comprehensive data extracted from top websites’ robots.txt files and extensive subdomain inventories from public bug bounty programs.

WPForce

2026-03-30 Python ★ 973

AI Summary: WPForce is a comprehensive suite of tools designed for attacking WordPress installations, primarily focusing on brute-forcing login credentials via the API. Its notable features include the ability to automatically upload interactive shells post-authentication, dump WordPress password hashes, and pivot to a meterpreter session, making it suitable for penetration testing and post-exploitation scenarios. The tool leverages multi-threading to optimize the brute-force attack process while providing options for verbose output and error debugging.

wpprobe

2026-03-30 Go ★ 811

AI Summary: WPProbe is a rapid scanning tool designed to detect installed WordPress plugins and themes through REST API enumeration and HTML discovery, mapping them to known vulnerabilities. It supports multiple scanning modes, including stealthy, brute-force, and hybrid methods, allowing detection of over 5,000 plugins without brute-force and many more with it. The tool fetches an updated vulnerability database automatically, eliminating the need for an API key by default, while still allowing for custom configurations and output formats.

wwwolf-php-webshell

2026-03-30 PHP ★ 765

AI Summary: WhiteWinterWolf’s PHP web shell is a lightweight tool designed for reliable remote server access, focusing on compatibility with both UNIX-like and Windows systems without requiring modifications. It addresses common limitations in existing web shells, such as incorrect assumptions about URLs, and supports clean PHP output execution while providing features like password protection, working directory setting, and dual file upload methods. The tool adheres to the KISS principle, making it straightforward to integrate with various exploitation techniques.

XAttacker

2026-03-30 Perl ★ 1725

AI Summary: XAttacker is a comprehensive exploitation tool designed for scanning and auto-exploiting vulnerabilities in web applications, particularly those using popular Content Management Systems (CMS). It identifies the target website’s architecture, detects vulnerabilities, generates exploits, and provides the user with the relevant exploit link. Notable features include a vulnerability scanner, auto-exploiting capabilities, and support for multiple CMS platforms, along with dork search functionality across various search engines.


README

XAttacker V2.5 Tool FREE

XATTACKER is a massive exploiting tool capable of scanning and auto-exploiting vulnerabilities in web applications. Given a target website, the tool auto-detects its architecture if it uses a Content Management Service (CMS) and tries to find vulnerabilities based on the detected CMS. After finding the vulnerabilities, the tool generates an exploit for the website and sends the user the link to the exploit.

xhunter

2026-03-30 Java ★ 801

AI Summary: XHUNTER is an advanced Android Remote Access Tool (RAT) designed for penetration testing and ethical hacking purposes. It simplifies the connection process between the attacker and victim by eliminating the need for complex port forwarding, offering a user-friendly interface for controlling a victim’s Android device. Notable features include the capability to build and bind payloads to legitimate applications and an intuitive setup process for immediate usability.


README

xsser

2026-03-30 Python ★ 1427

AI Summary: XSSer is an automated framework designed for the detection, exploitation, and reporting of Cross-Site Scripting (XSS) vulnerabilities in web applications. It features over 1300 pre-installed XSS attack vectors, sophisticated techniques for bypassing various web application firewalls (WAFs) and browsers, and is capable of operating on multiple platforms with dependencies on Python and essential libraries such as Selenium and BeautifulSoup.


README

XSSer



Cross Site “Scripter” (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

xssor2

2026-03-30 JavaScript ★ 2209

AI Summary: XSS’OR is a versatile tool designed for exploiting cross-site scripting (XSS) vulnerabilities through JavaScript-based payloads. Its primary use case involves encoding, decoding, and probing potential attack vectors, making it applicable for security testing and penetration testing scenarios. Notable features include a web interface for payload manipulation, compatibility with both Python 2 and 3, and robust support for Docker deployment.


README

XSS’OR

XSS’OR - Hack with JavaScript.

ONLINE

You can have a try:

yakit

2026-03-30 TypeScript ★ 7131

AI Summary: Yakit is an interactive application security testing platform that integrates the CyberSecurity Domain Specific Language (CDSL) for enhanced security operations. Its primary use case is to provide a comprehensive GUI for manipulating security testing capacities via a gRPC server, fully replacing tools like BurpSuite and offering unique features such as a visual web fuzzing tool and a plugin store for customizable security scripts. Additionally, Yakit allows non-coders to harness advanced security capabilities without programming knowledge, facilitating both local and remote deployment.

ZeusCloud

2026-03-30 TypeScript ★ 729

AI Summary: ZeusCloud is an open-source cloud security platform designed to discover, prioritize, and remediate security risks across AWS environments. Its notable features include asset inventory creation, attack path discovery, graphical visualization of risks, customizable security controls, and comprehensive remediation guides, all aligned with compliance standards such as PCI DSS and CIS benchmarks. This tool addresses the complexities and challenges of securing expanding cloud workloads with user-friendly and actionable insights.