AI Summary: The Information Collection Handbook is a comprehensive resource designed for penetration testers, focusing on effective information gathering techniques essential for vulnerability exploitation. It consolidates various methods and tools for domain and subdomain information collection, including online services, browser plugins, and advanced querying techniques, thereby enabling security professionals to uncover assets and vulnerabilities that may otherwise remain hidden. Notable features include detailed sections on Whois queries, DNS historical analysis, and strategies for bypassing content delivery networks (CDNs) to uncover real IP addresses.

AI Summary: The InfoSec Reference project serves as a comprehensive resource for individuals seeking to enhance their understanding of Information Security, offering a curated list of techniques, tools, and tactics. Its primary use case revolves around providing a “Yellow Pages” style reference for users to browse and learn about various aspects of infosec, helping them build skills and recall pertinent information. Notably, it encourages community contributions and maintains regular updates, while emphasizing a commitment to ethical practices in cybersecurity.

AI Summary: InQL is an open-source Burp Suite extension tailored for advanced GraphQL testing, enabling security professionals to effectively identify vulnerabilities within GraphQL APIs. It features a user-friendly interface, robust query manipulation capabilities, and integration with Burp’s existing tools, significantly enhancing the testing process for GraphQL applications.

README

InQL v6.1.2 - Burp Extension for Advanced GraphQL Testing

AI Summary: Insta-hack is a comprehensive tool designed for Instagram account compromise, featuring capabilities for information gathering, brute force attacks, and automated reporting. It operates on both Termux and Kali Linux without the need for root access and includes essential functionalities such as script updates and removals. The tool is intended strictly for educational use, with a clear emphasis on responsible usage.

README

About tool

All in one Instagram hacking tool available (Insta information gathering, Insta brute force, Insta account auto repoter)

AI Summary: Instabruteforce is a Python-based tool designed for brute-forcing Instagram accounts using a list of proxies. Its primary use case is to test account security by attempting to crack passwords from a supplied list, with features that include proxy management, statistics tracking, and customizable bot modes for varying performance. The program also incorporates a pruning system to optimize proxy usage by removing underperforming proxies from its database.

README

Instagram Bruter

This program will brute force any Instagram account you send it its way given a list of proxies.

AI Summary: Instagram Monitor is a comprehensive OSINT tool designed for real-time tracking of Instagram activities, including post updates, follower changes, and profile modifications. Key features include interactive dashboards, anonymous media downloads, smart notifications via multiple channels, and enhanced privacy settings to simulate human behavior and avoid detection. This tool effectively provides insights into user engagement and media management, making it vital for social media analysts.

README

instagram_monitor

AI Summary: Instagram-Hacker is a Python script designed for performing bruteforce attacks on Instagram accounts. Its primary use case is to automate the process of testing multiple password combinations for a given username using predefined password lists. Notable features include the requirement for the mechanize and requests libraries, and the option to integrate with Tor for enhanced anonymity during the attack process.

README

Instagram-Hacker

This is a script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!

AI Summary: InstagramPrivSniffer is a digital investigation tool designed for accessing and analyzing posts from private Instagram accounts that are made visible through collaborations with public accounts. Notable features include the ability to download and view media from these private accounts, serving primarily as an OSINT resource for cybersecurity professionals. The tool is intended strictly for educational and research purposes, and its use should be approached with legal considerations in mind.

AI Summary: Instahack is a robust brute-force framework designed for testing Instagram accounts, utilizing Bash and Python for efficient password testing. It features multi-threading, Tor integration for anonymity, and customizable attack options, enabling users to conduct ethical penetration testing and OSINT gathering. The tool supports auto-resume capabilities and is optimized for high-volume password attempts.

README

🚀 Instahack - Advanced Instagram Brute Force Framework

🔍 About Instahack

Instahack is a high-performance Instagram brute-force tool crafted in Bash and Python, capable of testing millions of passwords efficiently. It uses Tor routing, Instagram Android app signatures, and customizable attack logic for stealthy, anonymous operations.

AI Summary: Instaloader is a command-line tool designed for downloading media from Instagram profiles, including photos, videos, stories, comments, and geotags. It supports both public and private profiles, offers features for handling profile name changes, and includes options for filtering and customizing download locations. Additionally, it allows users to efficiently update local copies of profiles and preserves session cookies for seamless access to private content.

README

.. image:: https://raw.githubusercontent.com/instaloader/instaloader/master/docs/logo_heading.png

.. badges-start

AI Summary: Interlace is a command-line tool designed to enhance single-threaded applications by enabling multi-threading capabilities, specifically for penetration testing and bug bounty workflows. It supports CIDR and glob notation for target specification and allows users to define multiple parameters such as timeouts, threads, and various command options, facilitating efficient execution across various targets. Notable features include the ability to pipe target lists, utilize multiple proxies, and specify complex command files for diverse testing scenarios.

AI Summary: Inventory is a tool designed for attack surface management of public bug bounty programs, aggregating DNS and web server data from over 800 organizations. Its primary use case is to assist bug bounty hunters in efficiently identifying and monitoring new assets while providing security teams with enhanced visibility into their assets. Notable features include automated data collection and transformation from multiple sources, duplicate program merging, and both passive and active enumeration workflows for comprehensive reconnaissance.

AI Summary: The iOS/macOS penetration testing cheatsheet provides a curated list of tools and resources for conducting security assessments on iOS and macOS applications, including utilities for static analysis, obfuscation, and jailbreak checks. Notable features include links to tools such as MobSF, Frida, and Objection, facilitating the testing of application vulnerabilities across platforms. This repository serves as a comprehensive guide for security professionals looking to enhance their penetration testing workflows on Apple devices.

AI Summary: IP-Tracer is a command-line tool designed for Termux and Linux systems that allows users to track IP addresses by retrieving detailed information through the ip-api service. Its primary use case includes identifying the geographic and network details of both the user’s own IP address and that of other targets, with straightforward command syntax for operation. Notable features include installation ease, simple command-based usage, and the ability to gather IP data quickly.

AI Summary: Interactive PDF Analysis (IPA) is a graphical tool designed for researchers to deeply explore and analyze the contents of PDF files, particularly focusing on suspicious or potentially malicious documents. Key features include metadata extraction, structural examination of PDF objects, visualization of object references, and the ability to salvage information from corrupted files, all without requiring external dependencies. The tool aims to enhance user experience compared to traditional command-line analysis methods, facilitating a clearer understanding of the relationships among various document elements.

AI Summary: IPAPatch is a tool designed for patching iOS applications without the need for jailbreaking, enabling developers to inject custom code into third-party IPA files. Key features include the ability to debug applications using lldb, link external frameworks seamlessly, and generate modified distributable IPA files, allowing easy sharing of customized applications. This tool is particularly useful for developers looking to manipulate app behavior or integrate additional functionality within existing iOS apps.

AI Summary: Ipdrone is a Python-based tool designed for IP lookup and geolocation tracking, intended for use on both rooted and non-rooted Android devices via Termux. Notable features include real-time location tracking, ease of use for beginners, and consistent updates, enabling users to gather detailed information about specific IP addresses.

README

ABOUT TOOL :

Ipdrone is a simply python script, which can be used to Ip lookup and to get information of perticualr target Ip. This tool works on both rooted Android device and Non-rooted Android device.

AI Summary: IpHack is a Python-based tool designed for tracking IP locations and performing network testing. Its primary use case includes determining the geographical location of IP addresses, checking proxy status, and gathering detailed device information based on IP, with notable features such as an enhanced design, the ability to search for IPs behind Cloudflare, and various inquiry methods for making requests. The tool can be easily installed via pip and offers functionalities to track both direct IP addresses and domains, as well as to verify proxies.

AI Summary: IPRanges is a tool that compiles and lists the IP address ranges for various cloud services and platforms, including Google, Amazon, Microsoft, and others. It provides separate text files for IPv4 and IPv6 addresses, categorized into unmerged and merged formats for efficiency. The dataset is updated daily and sourced from publicly available information, making it useful for network management and security configurations.

README

IPRanges

List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), DigitalOcean, GitHub, Facebook (Meta), Twitter, Linode, Telegram, OpenAI (GPTBot), CloudFlare, Vultr, Apple (Private Relay) and ProtonVPN with daily updates.

AI Summary: IVRE (Instrument de veille sur les réseaux extérieurs) is a comprehensive network reconnaissance framework designed for both passive and active reconnaissance. It integrates multiple data sources and tools such as Zeek, Nmap, and Masscan, enabling users to gather extensive information about networks efficiently. Notable features include a web interface for data visualization, support for various database backends, and a modular architecture that allows for easy integration of additional tools.

AI Summary: JADX-AI-MCP is a fully automated server and plugin designed for analyzing Android APK files via large language models (LLMs) such as Claude, enabling efficient vulnerability discovery, APK analysis, and reverse engineering. Key features include seamless MCC communication and integration with powerful LLMs to enhance static analysis and security assessments within the Android development ecosystem.

README

AI Summary: Jaeles is a robust and extensible web application scanning framework developed in Go, designed to facilitate the creation of customized scanners for identifying vulnerabilities. Its primary use case is in the security assessment of web applications, featuring capabilities such as signature-based scanning, integration with Burp Suite, and extensive reporting options. Notable features include the ability to scan multiple URLs concurrently, customizable signature definitions, and Docker support for streamlined deployment.

AI Summary: The Jak Project is a tool designed to port the original Jak and Daxter trilogy from PS2 to PC by decompiling the game’s custom LISP language, GOAL, into a human-readable format. It features the development of a custom GOAL compiler for x86-64 architecture, along with tools to extract and modify game assets, ensuring high performance and compatibility with the original game’s mechanics, including live code modification during runtime. Users must have a legally obtained copy of the game, as the project does not include game assets.

AI Summary: The Java-Deserialization-Cheat-Sheet is a comprehensive resource designed for penetration testers and researchers focusing on deserialization vulnerabilities across various Java serialization libraries. It provides an extensive overview, including payload generators, exploit techniques, detection methods, and protection strategies across multiple serialization frameworks such as XStream, Jackson, and Kryo. Notably, the repository consolidates critical information and references, aiding professionals in identifying and exploiting Java deserialization weaknesses effectively.

README

Java-Deserialization-Cheat-Sheet

A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries.

AI Summary: JByteMod-Beta is a multifunctional bytecode editor designed for manipulating Java bytecode with features such as syntax highlighting, live decompiling, and method graphing. Its primary use case is for developers seeking to analyze and edit Java .jar or .class files efficiently. Notable features include a plugin architecture for extending functionality, integration with popular decompilers like Procyon and Fernflower, and a user-friendly command-line interface.

README

JByteMod-Beta

JByteMod is a multifunctional bytecode editor with syntax highlighting and live decompiling and method graphing. The successor of JByteMod: https://github.com/GraxCode/Cafebabe