AI Summary: .NET Obfuscator is a protection tool designed for .NET applications, aimed at preventing reverse engineering by transforming the original code into a format that is difficult to decipher. Its notable features include the ability to obscure intellectual property, enhance security against vulnerabilities, and reduce code size for improved application performance.

README

.NET-Obfuscator

.NET Obfuscator is a tool that is used to protect .NET applications from reverse engineering.

• This is done by transforming the original .NET code into a form that is difficult to understand, making it hard for attackers to decompile the code and understand how it works.

AI Summary: AboutSecurity is a comprehensive security assessment tool that provides a variety of dictionaries and payloads tailored for penetration testing tasks. Its features include an extensive set of predefined dictionaries for different attack vectors, a range of skills related to reconnaissance, exploitation, and post-exploitation, as well as external tool integration for scanning and fuzzing, complemented by reference documentation for effective team collaboration.

README

AboutSecurity

• Dic
  • Auth : 认证字典
    • 账号和密码。
  • Network : 网络
    • 排除的私有 IP 段、本地 IP 段、dns 服务器列表。
  • Port : 端口字典
    • 按照端口渗透的想法,将不同端口承载的服务可爆破点作为字典内容。
  • Regular : 规则字典
    • 各种规则、排列的字典整理。
  • Web : Web 字典
    • web 渗透过程中出现的可爆破点作为字典内容。
• Payload
  • Burp
  • CORS
  • email
  • Format
  • HPP
  • LFI
  • OOB
  • SQL-Inj
  • SSI
  • XSS
  • XXE
• Skills — AI Agent 技能方法论 (55 skills)
  • recon (5) : 侦察类 — 资产侦察、被动信息收集、子域名深挖、目标画像、社会工程
  • exploit (26) : 漏洞利用类 — SQL 注入、XSS、SSTI、文件上传、反序列化、JWT、GraphQL、SSRF/XXE、CORS、CSRF、OAuth、WebSocket、竞态条件、缓存投毒/请求走私等
  • ctf (5) : CTF 竞赛类 — Web 解题方法论、CTF 侦察、源码审计、Flag 搜索、Flag 校验
  • postexploit (6) : 后渗透类 — Linux/Windows 后渗透、提权检查、凭据喷射、横向移动、持久化
  • lateral (3) : 内网渗透类 — AD 域攻击、内网侦察、多层网络穿透
  • cloud (2) : 云环境类 — 云元数据利用、IAM 权限审计与提权
  • evasion (4) : 免杀对抗类 — C2 框架免杀、Shellcode Loader 生成、免杀技术整合、安全研究
  • general (4) : 综合类 — 红队评估、移动后端 API、报告生成、供应链审计
  • 📊 Skill Benchmark: python scripts/bench-skill.py --all — A/B 测试 Skill 对 Agent 的实际效果
• Tools — 外部工具声明式 YAML 配置
  • scan : 扫描工具 (nmap, masscan)
  • fuzz : Fuzz 工具 (dirsearch)
• Doc
  • Checklist : 渗透测试过程中的检查项,杜绝少测、漏测的情况。
  • Cheatsheet : 渗透测试信息收集表,渗透测试时直接复制一副作为参考、信息记录、方便团队协作、出报告等。
  • 出报告专用 : 记录部分平常渗透测试遇到的案例。
  • 行业名词

参考

• https://github.com/anthropics/skills/blob/main/skills/skill-creator/SKILL.md
• https://github.com/ljagiello/ctf-skills
• https://github.com/JDArmy/Evasion-SubAgents

AI Summary: Above is a network security sniffer designed for penetration testers and security engineers to identify vulnerabilities in network equipment through traffic analysis. It operates silently, leveraging the Scapy library, and supports the detection of up to 28 protocols, including ARP, EAPOL, and various SCADA protocols. Users can operate it in ‘hot’ mode for real-time sniffing or ‘cold’ mode for analyzing pre-captured traffic dumps, with features like passive ARP detection and VLAN segment search.

AI Summary: Agentic Radar is a security scanner specifically designed for analyzing agentic workflows, enabling users to identify vulnerabilities within their processes. Key features include Agentic Prompt Hardening, testing for vulnerabilities, and integration with CI/CD workflows, ensuring that security is maintained throughout the development lifecycle.

README

A Security Scanner for your agentic workflows!

AI Summary: ALLiN is a versatile penetration testing tool designed for lateral movement assessments within intranets, capable of handling a wide variety of target formats such as links and CIDR notations. Notable features include support for both Python 2.7 and 3.x, passive identification of web frameworks and components, extensive fingerprint data, and the ability to work across platforms when compiled with pyinstaller. It efficiently organizes scan results and offers multiple configuration options for targeting, threading, and reporting, making it a comprehensive solution for security professionals.

AI Summary: Ambiguous PNG Packer is a tool designed to create PNG files that display differently when viewed in Apple software versus non-Apple software. Its primary use case is to demonstrate the manipulation of image rendering based on the viewer’s platform, showcasing unique features such as the ability to produce different images through refreshes, highlighting potential vulnerabilities in Apple’s image handling mechanisms.

README

Ambiguous PNG Packer

Craft PNG files that appear completely different in Apple software

AI Summary: Android Unpinner is a tool designed to facilitate the removal of SSL certificate pinning from Android APKs without requiring root access. Utilizing the Frida framework, it modifies only the AndroidManifest.xml file to enable debugging, while dynamically injecting a Frida Gadget via ADB to perform the unpinning process. The tool is equipped with comprehensive dependencies for cross-platform use and supports handling XAPKs by extracting and installing split APKs effectively.

AI Summary: Anthropic Cybersecurity Skills is an extensive open-source repository that provides AI agents access to 753 structured cybersecurity skills across 26 domains, offering capabilities such as memory forensics and Kubernetes RBAC auditing. The skills adhere to the agentskills.io standard, featuring a YAML structure for quick discovery and are fully mapped to MITRE ATT&CK and aligned with NIST CSF 2.0, enabling AI agents to perform advanced security tasks with enhanced contextual knowledge. This tool simplifies installation and empowers various platforms like Claude Code and GitHub Copilot to integrate these capabilities efficiently.

AI Summary: Antivmdetection is a utility script designed to obscure virtual machine (VM) detection techniques by modifying settings within VirtualBox without altering its base. Its primary use case is for enhancing the anonymity of VMs by generating a shell template for host-side modifications and a Windows PowerShell script for guest-side adjustments, addressing various malware fingerprinting methods. Notable features include the ability to automate the configuration process while maintaining compatibility across VirtualBox updates and generating necessary scripts for both host and VM installations.

AI Summary: APKLeaks is an automated tool for scanning Android APK files to identify potentially sensitive information such as URIs, endpoints, and secrets. It integrates with the JADX disassembler for decompilation and offers customizable pattern matching through user-defined JSON files, alongside various output options, including text and JSON formats. Key features include support for disassembler arguments, making it flexible for advanced usage scenarios in security assessments of mobile applications.

README

APKLeaks

AI Summary: AppleNeuralHash2ONNX is a tool that converts Apple’s NeuralHash model, used for CSAM detection, into the ONNX format, allowing for greater integration and use in various deep learning frameworks. Notable features include the ability to tolerate image resizing and compression, and a comprehensive conversion process that includes decoding model components stored in LZFSE format. The repository also provides a demo script for testing the converted model’s functionality.

README

AppleNeuralHash2ONNX

Convert Apple NeuralHash model for CSAM Detection to ONNX.

AI Summary: APT_REPORT is a comprehensive collection of threat intelligence, samples, and reports on advanced persistent threat (APT) groups, particularly those linked to specific countries. It focuses on detailed analyses of various APT campaigns, enabling users to understand tactics and recent developments in cyber threat landscapes. Notable features include references to extensive case studies and operational details of prominent threat actor groups, enhancing situational awareness for cybersecurity professionals.

README

APT_REPORT collected by @blackorbird https://x.com/blackorbird

Interesting apt report & sample & malware & technology & intellegence collection

AI Summary: Argus is a Python-based toolkit designed for information gathering and reconnaissance, enabling security analysts to assess networks, web applications, and security environments effectively. It integrates a user-friendly interface with numerous reliable modules, facilitating the efficient execution of reconnaissance tasks. Notably, it offers various installation options including direct execution, pip installation, and Docker support, ensuring ease of use across different environments.

README

A Python-based toolkit for Information Gathering & Reconnaissance

AI Summary: Artemis is a modular vulnerability scanner designed for assessing website security, primarily used by CERT PL for scanning activities. Its notable features include the ability to automatically generate user-friendly reports detailing specific vulnerabilities, such as exposed version control system data and outdated software versions, which aids organizations in mitigating security risks.

README

Artemis is a modular vulnerability scanner. It’s the tool that powers CERT PL scanning activities by checking various aspects of website security and building easy-to-read messages ready to be sent to the scanned organizations.

AI Summary: AttackSurfaceMapper is a reconnaissance tool designed to enhance the attack surface mapping of specified domains, subdomains, and IP addresses through a combination of open-source intelligence and active techniques. It automates the discovery of additional targets using methods such as bruteforcing, passive lookups, and network scanning, while also conducting passive reconnaissance activities like website screenshot capture, visual mapping, and credential checking against public breach databases. Notable features include customizable output formats, optional API integrations for enhanced data collection, and various reconnaissance modes including a stealthy passive option.

AI Summary: AutoPentestX is an automated penetration testing toolkit designed for streamlined security assessments. Its primary use case is to facilitate vulnerability scanning and testing in Linux environments, offering features that simplify the process of identifying and exploiting security weaknesses. The toolkit supports Python 3.8 and above, underscoring its compatibility with modern scripting standards and enhancing its applicability in cybersecurity workflows.

README

AutoPentestX - Automated Penetration Testing Toolkit

AI Summary: AutoPWN Suite is a comprehensive tool designed for automatic vulnerability scanning and exploitation of systems, leveraging advanced scanning techniques such as nmap TCP-SYN scans to identify software versions and associated vulnerabilities. Key features include automatic vulnerability detection, web application testing for various exploits (LFI, XSS, SQLI), configurable scanning options, noise and evasion modes, along with easy result sharing via webhooks or email, and compatibility across multiple operating systems.

AI Summary: AutoSploit is a tool designed to automate the exploitation of remote hosts by leveraging data from services like Shodan, Censys, and Zoomeye for target acquisition. It facilitates the execution of Metasploit modules aimed at achieving Remote Code Execution and establishing reverse connections or Meterpreter sessions. Notable features include the ability to specify custom targets, set proxy configurations, and manage operational security through options like using a VPS for operation.

AI Summary: Awesome Censys Queries is a curated collection of unique and diverse queries intended for use with the Censys search engine, facilitating the exploration of various network services and devices. Its primary use case is to aid security researchers and network administrators in identifying and analyzing infrastructure, particularly in areas like industrial control systems, IoT devices, and database services. Notable features include organized categories for easy navigation, direct links to search results, and contributions from the community for expanding query resources.

AI Summary: Awesome hacking is an awesome collection of hacking tools.

Awesome hacking is an awesome collection of hacking tools.

AI Summary: Awesome-Redteam is a comprehensive knowledge base designed for red teaming and offensive security research, providing users with a curated collection of tools, scripts, and tips. It features organized sections covering various aspects such as cybersecurity cheat sheets, cryptographic methods, cyberspace search tools, and open-source intelligence resources, all intended for educational purposes. The repository emphasizes legal usage and warns against employing its content for unauthorized activities.

README

Awesome-Redteam

❗【免责声明】本项目所涉及的技术、思路和工具仅供学习，任何人不得将其用于非法用途和盈利，不得将其用于非授权渗透测试，否则后果自行承担，与本项目无关。 使用本项目前请先阅读 法律法规。

AI Summary: Bandit is a security linter specifically designed to identify common security vulnerabilities in Python code by analyzing the Abstract Syntax Tree (AST) of the source files. Its primary use case is to enhance code security through comprehensive scanning and reporting, and it features the ability to run various plugins to detect different types of security issues. Bandit also supports containerization, allowing it to be easily deployed as a Docker image for versatile integration into development workflows.

AI Summary: Bashfuscator is a modular Bash obfuscation framework implemented in Python 3 that specializes in generating highly obfuscated Bash commands and scripts to evade detection on Linux systems. Designed for both Red Team and Blue Team operations, it allows users to produce randomized, convoluted Bash code that still executes the intended commands, effectively aiding in the development of obfuscation techniques and detection testing. Key features include command line and library usage, a variety of obfuscation mutators, and compatibility with GNU Linux systems running Bash 4.0 or newer.

AI Summary: BBOT is a versatile reconnaissance tool designed primarily for automating tasks related to bug bounties and attack surface management (ASM). Notable features include comprehensive subdomain enumeration, web crawling to extract sensitive information, and an efficient integration of multiple APIs to enhance data gathering effectiveness. The tool also boasts a real-time visualization capability, allowing users to intuitively analyze results.

README

BEE·bot is a multipurpose scanner inspired by Spiderfoot, built to automate your Recon, Bug Bounties, and ASM!

https://github.com/blacklanternsecurity/bbot/assets/20261699/e539e89b-92ea-46fa-b893-9cde94eebf81

AI Summary: Binder Trace is a Python-based tool designed for intercepting and parsing Android Binder messages, functioning similarly to Wireshark for Binder communication. It requires a rooted Android device or emulator and leverages Frida for live analysis, allowing users to attach to specific processes and capture Binder transactions. Notable features include support for various Android versions, customizable structure files, and interactive controls for navigating captured data.

README

Binder Trace

Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as “Wireshark for Binder”.

AI Summary: Blackbird is an OSINT tool designed for rapid username and email searches across over 600 platforms, integrating AI-powered profiling for enhanced data analysis. Notable features include community-driven accuracy, smart filters, automated analysis, and the ability to export results as PDF or CSV files. It leverages tools like WhatsMyName to provide low false positive rates while ensuring user privacy during its operations.

README

Blackbird

Blackbird is a powerful OSINT tool that combines fast username and email searches across more than 600 platforms with free AI-powered profiling. By leveraging community-driven projects like WhatsMyName, it ensures low false positive rates and high-quality results. Features include smart filters, polished PDF/CSV exports, and fully automated analysis — all from a single CLI.

AI Summary: BlackWidow is a Python-based web application spider designed for gathering critical information from target websites, including subdomains, URLs, dynamic parameters, email addresses, and phone numbers. It features an integrated fuzzer, Inject-X, which scans dynamic URLs for common OWASP vulnerabilities, and automatically saves collected data into organized text files. Notable functionalities include deep crawling with customizable levels, verbose logging, and support for fuzzing unique parameters for enhanced security testing.

AI Summary: Bluing is a specialized intelligence gathering tool designed to exploit vulnerabilities in Bluetooth protocols, facilitating various hacking techniques on Bluetooth devices. It provides essential features such as device address cleaning, hardware compatibility checks, and command options for managing Bluetooth connections, including Basic Rate and Low Energy systems. The tool is primarily intended for use on Linux operating systems, leveraging dependencies like BlueZ and requires Python 3.10 for installation.

AI Summary: bopscrk is a targeted wordlist generator designed for crafting customized password lists based on personal information related to a specific target. Its notable features include the ability to combine various word combinations, perform customizable case and leet transformations, and leverage lyrics from artists for enhanced wordlist creation, all accessible through an interactive mode or a command-line interface. The tool is included in the BlackArch Linux penetration testing distribution and is built with Python 3.

AI Summary: The Bug Bounty Writeups repository serves as a comprehensive collection of write-ups documenting various types of security vulnerabilities encountered during bug bounty hunts, such as XSS, CSRF, and SQL injection. Its primary use case is to provide guidance and examples for ethical hackers and security researchers looking to enhance their skills and avoid common pitfalls in vulnerability disclosure. Notable features include a structured organization of write-ups by vulnerability type and the use of Bash for automation in certain contexts.

AI Summary: The Burp Suite Certified Practitioner Exam Study repository contains comprehensive study notes and practical labs designed to aid candidates in preparing for the Burp Suite Certified Practitioner (BSCP) Exam. It includes over 110 labs covering essential topics such as scanning, footholds, privilege escalation, and data exfiltration, alongside practical techniques and scripts tailored for effective web application security testing. Notable features include a structured approach to vulnerability assessment and recommendations for additional training materials and resources to enhance exam readiness.

AI Summary: Buster is a comprehensive Open Source Intelligence (OSINT) tool designed for email reconnaissance, capable of gathering social account links, breaches, and associated domains for a given email address. Notable features include the ability to generate potential emails and usernames, verify existing emails, and query various online sources and databases for comprehensive results. The tool is particularly useful for security researchers and investigators needing to gather detailed information on individuals or validate email addresses.

AI Summary: C2 Tracker is a community-driven IOC feed that aggregates IP addresses related to known malware, botnets, and command-and-control (C2) infrastructures by leveraging searches from platforms like Shodan. Its primary use case is to facilitate threat intelligence by providing a regularly updated feed that can be ingested by various SIEM and EDR systems, enhancing detection and investigation capabilities. Notable features include version-controlled historical data, weekly updates, and compatibility with tools like OpenCTI and FortinetSIEM for streamlined integration and alerting.

AI Summary: Cybersecurity AI (CAI) is a robust framework designed for enhancing cybersecurity measures by leveraging artificial intelligence. Its primary use case involves threat detection and incident response, making it suitable for both community and professional environments. Notable features include multi-platform support, advanced token management in the Professional Edition, and real-time performance benchmarks that are accessible for evaluation.

README

Cybersecurity AI (CAI)

AI Summary: CANalyzat0r is a modular and extensible tool designed for analysis and management of Controller Area Network (CAN) traffic, including support for CAN FD. It features a graphical user interface for comfortable analysis, multi-interface support, project management capabilities, and advanced functionalities such as threaded sending, fuzzing, and packet filtering, making it a comprehensive solution for CAN traffic analysis and experimentation.

README

This software project is a result of a Bachelor’s thesis created at SCHUTZWERK in collaboration with Aalen University by Philipp Schmied (@CaptnBanana).

AI Summary: Cansina is a web content discovery application designed to identify hidden resources in web applications by sending requests and analyzing responses. Its primary use case is for penetration testing, offering features such as data persistence with SQLite, multithreading, customizable headers, and comprehensive filtering options. Notable functionalities include support for multiple wordlists, SSL and proxy capabilities, and integrated tree viewing of results, making it a versatile tool for security professionals.

AI Summary: CAPE (Malware Configuration And Payload Extraction) is an advanced malware sandbox designed to execute and analyze malicious files in an isolated environment while capturing dynamic behavior and forensic artifacts. Key features include automated malware unpacking, YARA signature-based classification, comprehensive API hooking for behavioral instrumentation, and detailed memory and network traffic analysis. CAPE enhances traditional sandboxes with interactive desktop capabilities and sophisticated unpacking techniques, making it a powerful tool for malware research and analysis.

AI Summary: CatSniffer is a versatile multiprotocol and multiband hardware tool designed for the sniffing, communication, and exploitation of Internet of Things (IoT) devices. It supports various wireless technologies, including LoRa, Sub-1 GHz, and 2.4 GHz, and is compatible with multiple third-party software applications, allowing customization and extensive functionality for IoT security researchers and developers. Key features include a built-in USB-UART bridge, support for various protocols, and a flexible design that enables the integration of different antennas and easy programming.

AI Summary: The Censys Subdomain Finder is a command-line tool designed to enumerate subdomains associated with a specified domain using Certificate Transparency logs from Censys. It retrieves subdomains that have ever been issued an SSL certificate by a public Certificate Authority, offering features such as output to a text file and support for API authentication. Notably, users must set up an account with Censys to access the API, as free accounts will face limitations beginning in late 2024.

AI Summary: changeme is a default credential scanner designed to identify default and backdoor credentials, with a focus beyond common credentials. It features support for multiple protocols, including HTTP, MSSQL, MySQL, PostgreSQL, SSH, SNMP, and FTP, and allows users to easily configure new credentials via YAML files without code changes. The tool offers flexible target loading options and can run efficiently using Docker, particularly with Redis as a queue backend, making it suitable for diverse scanning tasks across network environments.

AI Summary: Ciphey is a fully automated tool designed for decryption, decoding, and cracking of encoded data, leveraging natural language processing and artificial intelligence techniques. Its primary use case is to assist cybersecurity professionals and enthusiasts in deciphering encrypted messages and files without requiring prior knowledge of the encryption methods used. Notable features include support for various installation methods (Python, Docker, MacPorts, Homebrew) and a user-friendly interface that simplifies the decryption process.

AI Summary: Clairvoyance is a tool designed to extract GraphQL API schemas even when introspection is disabled, thereby facilitating schema discovery in environments such as production where introspection is typically forbidden. It outputs the schema in a JSON format compatible with other visualization and analysis tools, and it can be easily installed via pip or Docker, allowing users to customize their schema extraction processes using various wordlists.

README

Clairvoyance

Obtain GraphQL API schema even if the introspection is disabled.

AI Summary: ClatScope is an advanced OSINT tool designed for comprehensive online reconnaissance, catering to investigators and cybersecurity professionals. It consolidates data from multiple APIs to deliver insights on IP addresses, domains, emails, and personal data, while offering features such as username verification across numerous platforms, phone number validation, and email security checks. ClatScope Mini provides a simplified version for quick operations without API configuration, making it accessible for immediate use.

AI Summary: Claude Bug Bounty is an AI-powered agent harness tailored for professional bug bounty hunting, enabling users to streamline their testing processes. It intelligently orchestrates over 25 tools, remembers past findings across targets, validates vulnerabilities to reduce false positives, and generates ready-to-submit reports in under a minute. Notable features include Burp MCP integration for live traffic monitoring and an autonomous hunting mode that simplifies the testing workflow.

README

Claude Bug Bounty

The AI-Powered Agent Harness for Professional Bug Bounty Hunting

Your AI copilot that sees live traffic, remembers past hunts, and hunts autonomously.

AI Summary: CloakifyFactory is a tool designed for text-based steganography that transforms any file type into a list of innocuous strings, enabling covert data exfiltration and infiltration while evading detection by data loss prevention systems and analysts. Key features include the ability to cloak various file formats, social engineering capabilities to mislead security reviews, and the option to add noise for enhanced resistance against frequency analysis. It serves as an educational tool for introducing concepts of cryptography and steganography, though it is not secure for sensitive data without prior encryption.

AI Summary: cloud_enum is a multi-cloud OSINT tool designed for the enumeration of public resources across AWS, Azure, and Google Cloud Platform. Its notable features include the ability to identify open and protected cloud resources, such as S3 buckets, Azure storage accounts, and Firebase databases, utilizing customizable keyword inputs for comprehensive scanning. Although currently less maintained, the tool is positioned for migration to the Nuclei framework for improved functionality and community contributions.

AI Summary: CloudFail is a reconnaissance tool designed to uncover the origin server of targets protected by Cloudflare by utilizing three distinct attack phases: misconfigured DNS scans, querying the Crimeflare database, and brute-forcing over 2500 subdomains. The tool operates through Tor to maintain anonymity while performing these scans, making it particularly useful for security researchers conducting penetration tests or academic inquiries. Key features include seamless integration with Tor for privacy, a focus on potential DNS misconfigurations, and an easy-to-use scanning interface.

AI Summary: Coercer is a Python tool designed for assessing and exploiting Remote Procedure Calls (RPCs) on Windows servers, facilitating the coercion of authentication onto arbitrary machines. Key features include the ability to list and connect to SMB pipes, invoke vulnerable RPC functions with random UNC path generation, and customizable export formats such as SQLite, JSON, and XSLX for scan and fuzz modes. It supports both authenticated and unauthenticated scans, making it valuable for security assessments and penetration testing.

AI Summary: Commix is an open-source penetration testing tool designed for automating the detection and exploitation of command injection vulnerabilities in web applications. It supports multiple Python versions and includes extensive documentation with usage examples, facilitating ease of deployment and operation for security professionals. Notable features include comprehensive exploitation capabilities and a user-friendly interface for navigating various commands and options.

README

Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos (@ancst), that automates the detection and exploitation of command injection vulnerabilities.

AI Summary: Corsy is a lightweight CORS misconfiguration scanner designed to identify vulnerabilities in web applications’ Cross-Origin Resource Sharing implementations. It features a versatile command-line interface that supports scanning URLs directly or from files, utilizes customizable HTTP headers, and provides options for threading, request delays, and exporting results to JSON. Notably, it implements a comprehensive suite of tests to uncover various CORS-related bypass opportunities.

README

Corsy

CORS Misconfiguration Scanner

AI Summary: Cr3dOv3r is a Python-based tool designed for detecting credential reuse vulnerabilities by querying public data leaks and verifying whether compromised credentials can access popular websites. Its notable features include integration with the Have I Been Pwned API for leak search and functionality to test the validity of leaked passwords against various online platforms while detecting CAPTCHA prompts. This tool is particularly useful for penetration testing and security assessments.

AI Summary: Cracker-Tool is a multifunctional hacking and penetration testing toolbox designed for Termux users, featuring a variety of capabilities including IP tools, subdomain scanning, DDoS attacks, SQL injections, and more. Notable functionalities include Cloudflare bypass for DDoS, identity generators, and a variety of administrative tools, making it a comprehensive resource for security testing. The tool is implemented in Python and Bash, emphasizing ease of installation and set up within the Termux environment.

AI Summary: CrossLinked is a LinkedIn enumeration tool that leverages search engine scraping to extract valid employee names from targeted organizations, enabling enumeration without the need for API keys or direct LinkedIn access. It supports customizable naming conventions for output formatting and offers features like proxy rotation and the ability to parse data into both text and CSV files. This tool is particularly useful for security researchers and penetration testers looking to gather information about potential targets.

AI Summary: The crypto-attacks repository provides Python implementations of various cryptographic attacks and utilities, primarily focusing on attacking RSA using methods such as the Boneh-Durfee attack. Notable features include the ability to customize parameters for specific attacks, integration with SageMath for advanced mathematical computations, and a structured approach for unit testing and utilizing the attack scripts.

README

Introduction

Python implementations of cryptographic attacks and utilities.

Requirements

• SageMath with Python 3.9
• PyCryptodome

You can check your SageMath Python version using the following command:

AI Summary: The Crypto-Cat/CTF repository serves as a comprehensive resource for Capture The Flag (CTF) challenges, offering write-ups, scripts, and files aligned with video walkthroughs. Its primary use case is to aid users in learning and solving various CTF challenges through curated links to additional resources, including pentesting and reverse engineering tools. Notable features include an extensive directory of CTF platforms, resources for blue team activities, and a collection of cybersecurity educational content.

AI Summary: The ctf-skills repository provides an extensive collection of agent skills designed to facilitate the solving of Capture The Flag (CTF) challenges across various domains, including web exploitation, binary pwn, reverse engineering, and more. Notable features include support for multiple installation methods, a comprehensive tool installer script, and detailed skill documentation for on-demand use, allowing users to efficiently integrate the necessary tools as challenges arise. It is compatible with any tool adhering to the Agent Skills specification, enhancing its versatility in competitive cybersecurity contexts.

AI Summary: CTFR is a tool designed to extract subdomains from HTTPS websites by leveraging Certificate Transparency logs, rather than employing conventional dictionary or brute-force attacks. Its primary use case is for cybersecurity professionals and researchers to quickly enumerate subdomains for a given target domain, with features that allow output to a specified file. The tool is straightforward to install and run, requiring only Python and pip, and offers a simple command-line interface for usage.

AI Summary: The CVE-2023-38831 winrar exploit generator is a tool designed to create proof-of-concept (PoC) exploits for a recently discovered vulnerability in WinRAR versions up to 6.22. It allows users to customize bait files, such as images or documents, along with malicious script files to generate a malicious RAR archive. Notable features include an easy-to-use command-line interface for generating exploits and the ability to customize payloads according to user specifications.

AI Summary: CVE-bin-tool is a static analysis tool designed to identify vulnerable dependencies in binary artifacts by comparing them against known Common Vulnerabilities and Exposures (CVEs). Its primary use case is to streamline the security assessment process in software projects, enabling developers to detect and remediate vulnerabilities efficiently. Notable features include support for various package formats, a comprehensive vulnerability database, and integration capabilities with CI/CD pipelines for automated security checks.

AI Summary: The CyberSecurity repository offers a comprehensive collection of resources and tools aimed at individuals interested in cybersecurity, encompassing a wide range of topics from security models and threat identification to practical tools for ethical hacking. Notable features include a curated list of command-line and graphical user interface tools for pentesting, along with educational content covering ethical and legal aspects, security frameworks, and network fundamentals. This repository serves as a valuable reference for both newcomers and experienced professionals in the cybersecurity domain.

AI Summary: The Cybersecurity Projects repository offers a collection of 67 hands-on projects spanning from beginner to advanced levels, designed to enhance practical skills in cybersecurity. It includes structured certification roadmaps for various roles within the field, as well as a comprehensive array of learning resources such as tools, courses, and frameworks for cybersecurity professionals. Notable features include the full source code availability for projects, covering diverse topics like port scanning, keylogging, and encryption techniques.

AI Summary: DDoS-Ripper is a Python-based tool designed to simulate Distributed Denial-of-Service (DDoS) attacks for educational and testing purposes. It supports various operating systems, including Linux, Termux, Windows, and MacOS, and allows users to specify the target IP address and intensity of the attack through command line parameters. Notable features include multi-platform compatibility and straightforward installation instructions, emphasizing an ethical usage disclaimer.

README

DDoS-Ripper

What is a DDoS Attack?

A Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

AI Summary: DeathStar is a Python script designed to automate the exploitation of misconfigurations within Active Directory environments to attain Domain and Enterprise Admin rights by leveraging the RESTful API of the Empire framework. Notable features include a plugin system for extensibility, support for multiple Active Directory domains and forests, real-time adaptive monitoring during attacks, and a fully asynchronous operation model. This tool aims to provide a comprehensive solution for demonstrating prevalent Active Directory vulnerabilities in a reliable and non-disruptive manner.

AI Summary: Decepticon is a Vibe Hacking agent designed to streamline the red teaming process by utilizing AI to automate repetitive tasks such as scanning, service enumeration, and executing multi-stage attacks. Its primary use case is in penetration testing, where it simulates real-world attack scenarios to evaluate an organization’s security posture effectively. Notable features include the ability to handle the full kill chain, integrate with AI API keys, and operate within a Docker environment for ease of deployment.

AI Summary: The DedSec Project is an educational toolkit designed for Android using Termux, integrating various scripts, utilities, and local web interfaces to facilitate learning about cybersecurity tools and workflows. It aims to enhance users’ understanding of defensive awareness through practical exercises and organized scripts, while supporting both English and Greek interfaces. Notable features include a comprehensive installation guide, diverse categories of tools, and a focus on educational usage, including personal information capture and simulated environments.

AI Summary: DeepTraffic is a toolkit that employs deep learning models specifically for the classification of network traffic, focusing on identifying malware and anomalies. Its primary application lies in enhancing cybersecurity measures through effective traffic analysis and representation learning using convolutional neural networks. Notable features include end-to-end encrypted traffic classification and the ability to learn hierarchical spatial-temporal features for improved intrusion detection.

README

Deep Learning models for network traffic classification

For more information please read our papers.

AI Summary: The Default Credentials Cheat Sheet is a tool designed for penetration testers and blue teamers, providing a comprehensive repository of default login credentials for various products to aid in security assessments. Notable features include a searchable database of over 3,700 default credentials, the ability to export results for use in brute force attacks, and automated updates to maintain current data. The tool is easily installable via pip and supports operations across multiple operating systems.

AI Summary: OWASP dep-scan is an advanced security audit tool designed for analyzing project dependencies against known vulnerabilities, advisories, and license issues, applicable to both local repositories and container images. Its primary use case is to facilitate integration within Application Security Posture Management (ASPM) and Vulnerability Management (VM) platforms, especially in Continuous Integration (CI) environments. Notable features include advanced reachability analysis, fast local vulnerability scanning without a server, generation of Software Bills of Materials (SBOM), and clear insights for prioritization of vulnerabilities.

AI Summary: DGFraud is a Graph Neural Network (GNN) toolbox designed for detecting fraud in various systems by integrating and comparing state-of-the-art GNN-based models. Its primary use case lies in enhancing the efficacy of fraud detection mechanisms through advanced graph-based methodologies. Notable features include a modular architecture for implementing new models, comprehensive documentation on existing algorithms, and support for TensorFlow 2.0, allowing seamless integration into existing projects.

README

AI Summary: The Digital Forensics Guide serves as a comprehensive resource for those engaged in digital forensics, providing a compilation of applications, libraries, and tools essential for effectively conducting forensic investigations. The guide includes sections on various forensic fields such as computer, mobile, and network forensics, along with curated lists of tutorials, certifications, and frameworks to enhance practitioners’ skills and knowledge. Notable features include playbooks for practical application and a structured format for easy navigation through key topics.

AI Summary: Diodb is a community-driven, vendor-agnostic database designed to catalog Vulnerability Disclosure Programs (VDPs) and Bug Bounty Programs (BBPs), including essential details such as contact information, policy locations, and reward structures. It facilitates streamlined engagement between security researchers and organizations, promoting best practices like Safe Harbor for ethical hacking. Notable features include a searchable front-end interface, options to download raw data in JSON format, and tools for generating VDPs easily.

AI Summary: Dirhunt is a web crawling tool designed to search for and analyze directories on web servers, identifying interesting content even when directory listings are disabled. It efficiently detects false 404 errors and empty index files while minimizing server requests, supporting features such as multiple site processing, detection of redirectors, and integration with various data sources for enhanced directory discovery. The tool is aimed at audit teams and is intended for use on owned or authorized servers only.

AI Summary: Dirmap is an advanced web directory scanning tool designed for comprehensive directory discovery and vulnerability assessment, surpassing the capabilities of tools like DirBuster and Dirsearch. Its notable features include support for concurrent scanning across multiple targets and payloads, recursive scanning with customizable status code triggers, dynamic dictionary creation through web crawling, and extensive configuration options for request handling and response processing. This makes Dirmap particularly effective for security professionals conducting thorough penetration testing and vulnerability assessments on web applications.

AI Summary: DNSGen 2.0 is an advanced DNS name permutation engine tailored for security researchers and penetration testers, facilitating subdomain discovery and security assessments through the generation of intelligent domain name variations. Notable features include a smart domain name permutation engine, support for custom wordlists, multiple sophisticated permutation techniques such as word affixing and cloud-specific patterns, and integration capabilities with tools like MassDNS for efficient domain resolution.

README

DNSGen 2.0 - Advanced DNS Name Permutation Engine 🚀

AI Summary: dnstwist is a DNS-centric tool designed for domain name permutation and reconnaissance, allowing security researchers to discover potential phishing domains and domain variations. Its primary use case is to enhance domain security assessments by identifying lookalike domains and subdomain enumeration. Notable features include support for various DNS record lookups, historical data integration, and API access for automation.

README

docs/README.md

AI Summary: The DoublePulsar Detection Script is a Python tool designed to identify the presence of the DoublePulsar implant on systems through SMB and RDP protocols. It supports scanning single IPs or lists of IPs with multi-threading capabilities, and includes functionality for remote uninstall of the implant for remediation. Key features include detection capabilities for both protocols, an early release for urgent network compromise identification, and associated Snort signatures for enhanced detection.

AI Summary: DroneSploit is a command-line interface framework designed for penetration testing of light commercial drones, leveraging techniques and exploits similar to Metasploit. It allows users to interactively conduct security assessments on drone systems, with features that include a variety of modules for specific drone payload alterations such as changing passwords or SSIDs. The framework’s structure facilitates easy extension and integration of new hacking techniques.

README

DroneSploit

Easily pentest drones.

AI Summary: The DumpsterFire Toolset is a cross-platform, modular tool designed for creating automated, time-delayed security events suitable for both Red and Blue Team exercises. Its primary use case is to facilitate realistic cyber incident simulations and training by allowing users to build customizable event chains that can generate network and filesystem artifacts, enhancing incident response capabilities. Notable features include dynamic extensibility for adding custom event modules, a menu-driven interface for ease of use, and the ability to run exercises in a controlled manner without direct supervision.

AI Summary: Dwarf is a versatile debugger designed for reverse engineers, crackers, and security analysts, facilitating the analysis of applications on various platforms, including Android, iOS, and local environments. Leveraging PyQt5 and Frida, it offers features such as a debugging UI, session management with agent integration, and the ability to trace Java and native functions, enabling users to conduct detailed investigations into application behavior. Additionally, Dwarf supports scripting with a dedicated API that enhances productivity through autocompletion and inline documentation.

AI Summary: ElectricEye is a comprehensive Python CLI tool designed for multi-cloud and multi-SaaS environments that focuses on Asset Management, Security Posture Management, and Attack Surface Monitoring. It supports over 100 services and conducts more than 1000 checks aligned with over 20 regulatory and best practice frameworks, enabling organizations to enhance their cloud security and compliance effortlessly. Notable features include cross-Account, cross-Region capabilities and support for major platforms like AWS, GCP, Azure, and more, making it a versatile solution for managing diverse cloud architectures.

AI Summary: Elpscrk is an intelligent password generation tool designed to create permutations based on user-provided information about a target, effectively generating potential passwords through statistical methodologies. It offers six complication levels ranging from simple to highly complex, enabling tailored password generation based on the user’s customization needs. Notably, Elpscrk is memory efficient and capable of producing up to one million password combinations, making it a powerful option for password profiling and security analysis.

AI Summary: EmailAll is a powerful email collection tool designed to aggregate email addresses from various online sources, including search engines and datasets. Its primary use case is to support cybersecurity professionals in gathering emails for domain reconnaissance, and it features integration with multiple API services for data retrieval along with modular results storage in JSON format. The tool allows easy configuration for proxies and APIs, enhancing its flexibility for various deployment environments.

AI Summary: EmploLeaks is an Open Source Intelligence (OSINT) tool that facilitates the gathering of employee information from companies, primarily utilizing LinkedIn to extract employee lists and personal email addresses. Notable features include the ability to search a custom COMB database for leaked passwords using the retrieved emails, and an extension for identifying personal code repositories on GitLab. The tool requires Python for installation and offers a user-friendly command-line interface for executing its functionalities.

AI Summary: enum4linux-ng is an advanced enumeration tool designed for extracting information from Windows and Samba systems, primarily targeted at security professionals and CTF participants. It builds on the capabilities of the original enum4linux by incorporating enhanced output parsing, allowing for findings to be exported in YAML or JSON formats, and implementing features such as multiple authentication methods, smart enumeration, and support for both IPv6 and SMBv1.

README

enum4linux-ng

A next generation version of enum4linux

AI Summary: espoofer is an open-source tool designed to assess vulnerabilities in email systems related to SPF, DKIM, and DMARC authentication protocols. It aims to aid mail server administrators and penetration testers in identifying potential weaknesses that could be exploited for email spoofing attacks. Notable features include three operational modes—server, client, and manual—that facilitate comprehensive testing of both sending and receiving services.

README

espoofer

espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails.

AI Summary: Evil Limiter is a network management tool designed to monitor, analyze, and control the bandwidth of devices on a local network without needing physical or administrative access. Utilizing ARP spoofing and traffic shaping techniques, it enables users to throttle upload and download speeds for specific hosts, block internet connections, and manage network resources effectively through a command-line interface. Notable features include automatic network configuration detection, the ability to scan IP ranges, and manage hosts dynamically with various commands for limiting and unblocking access.

AI Summary: EvilOSX is a Remote Administration Tool (RAT) designed for macOS that enables stealthy monitoring and control of compromised systems. It boasts features such as terminal emulation, module extensibility, and the ability to retrieve sensitive user data like passwords and iCloud tokens, all while remaining undetected by antivirus solutions through encrypted payloads. Additionally, it includes functionalities for taking screenshots, recording audio, and executing local privilege escalation attempts, making it a potent tool for unauthorized system access and data exfiltration.

AI Summary: EvilWAF is a sophisticated transparent MITM Firewall bypass proxy and deep WAF vulnerability scanner designed for authorized security testing purposes. It operates at the transport layer, allowing seamless integration with various security tools while employing advanced techniques such as TCP and TLS fingerprint rotation, source port manipulation, and automated WAF detection to evade defensive mechanisms. Notable features include a comprehensive multi-layer WAF scanning capability, direct origin bypass, and a robust IP rotation strategy through Tor and proxy pools, ensuring effective assessment of firewall vulnerabilities.

AI Summary: Exegol is a modular cybersecurity environment tailored for offensive security professionals, addressing traditional security distribution challenges. Its primary use case is for hackers and security experts who require a reliable toolkit for field operations. Notable features include its customizable structure and community-driven design, enhancing usability and effectiveness in practical cybersecurity applications.

README

Exegol is a comprehensive cybersecurity environment designed by offensive security experts, for fellow hackers, with its community. It solves the common pain points of traditional security distributions by providing a modular and reliable toolkit that’s made for the field.

AI Summary: Exphub is a vulnerability exploitation script repository containing various Proof of Concept (PoC) and exploit scripts for commonly exploited vulnerabilities across platforms like Weblogic, Struts2, Tomcat, and Drupal. It includes detailed usage documentation for a wide range of scripts, such as remote command execution (RCE) and Webshell uploader scripts, all of which have been tested for effectiveness. The tool aims to streamline the process of vulnerability scanning and exploitation by consolidating multiple scripts for easy access and execution.

AI Summary: The extract_otp_secrets tool is a Python script designed to extract one-time password (OTP) secrets from QR codes generated by two-factor authentication applications, such as Google Authenticator. It supports multiple input methods, including live capture from a camera, image files, and text files from external QR code readers, while allowing users to export the extracted secrets to JSON or CSV formats or print them as QR codes. Notable features include a built-in GUI for live QR code capture and flexible output options.

AI Summary: Eyeballer is a tool designed for large-scope network penetration testing, specifically aimed at identifying potentially vulnerable web hosts from a vast collection of screenshots. It employs machine learning to classify sites into categories such as “Old-Looking Sites,” “Login Pages,” and “Parked Domains,” allowing users to prioritize targets based on their likelihood of containing vulnerabilities. Notable features include support for GPU usage, a user-friendly setup process, and integration with popular screenshotting tools like EyeWitness and GoWitness.

AI Summary: Fail2Ban is a security tool that monitors log files for multiple failed authentication attempts, automatically banning IP addresses that exceed a specified threshold by updating firewall rules. It supports various standard log files, including those from SSH and Apache, and can be configured to monitor custom log files as needed. Notable features include its capability to work with both IPv4 and IPv6 addresses, and a client-server architecture for managing configurations and interactions.

AI Summary: FAME (FAME Automates Malware Evaluation) is a Python-based framework designed to automate and enhance the analysis of malicious files, enabling analysts to quickly identify malware families and extract relevant configurations and indicators of compromise (IOCs). The tool utilizes Flask for its web interface and Celery for managing background tasks, streamlining the end-to-end analysis process. FAME aims to empower malware analysis efforts by providing an efficient and user-friendly solution for processing malware samples.

AI Summary: Faraday is an open-source vulnerability management tool designed to facilitate the organization, aggregation, and visualization of security data in a multiuser environment. Its primary use case is to streamline vulnerability discovery and management by integrating various community tools while providing insightful visualizations for both managers and analysts. Notable features include its command-line interface for direct terminal access, support for multiple installation methods (including Docker and PyPi), and the ability to automate scanning tools within CI/CD pipelines.

AI Summary: Fav-up is a tool that leverages favicon icons to identify real IP addresses using the Shodan API. It supports multiple lookup methods, including local files, URLs, and domain searches, and can output results in CSV or JSON formats. Key features include customizable API key input options, support for batch processing via input lists, and the ability to retrieve detailed information such as favicon hashes and associated masked IPs.

AI Summary: FavFreak is a reconnaissance tool that streamlines the process of gathering information using favicon hashes from a list of URLs. It fetches the favicon.ico for each URL, computes its hash, and matches it against a predefined fingerprint dictionary to identify known services. Key features include sorting results by favicon hashes and generating Shodan dorks, making it a valuable asset for bug bounty hunters and OSINT investigations.

README

FavFreak - Weaponizing favicon.ico for BugBounties , OSINT and what not

AI Summary: FeatherDuster is a cryptographic analysis tool designed to facilitate the identification and exploitation of weaknesses in cryptosystems, leveraging its underlying library, Cryptanalib. It offers capabilities for automatic encoding detection and decoding, interaction with multiple ciphertext formats, and supports various cryptographic analysis functions, making it suitable for both researchers and practitioners in the field of cryptography. The tool aims to simplify the process of analyzing flawed cryptographic implementations, while Cryptanalib serves as a flexible engine for developing custom crypto attack methods.

AI Summary: FinalRecon is an automated web reconnaissance tool designed to efficiently gather comprehensive information about a target in a short time, maintaining high accuracy without the overhead of multiple dependencies. Notable features include detailed data collection on headers, WHOIS, SSL certificate information, DNS enumeration, subdomain and directory enumeration, web crawling, and a port scanning functionality, all in one compact solution. This tool is especially useful for OSINT practitioners seeking quick and reliable data during the reconnaissance phase of security assessments.

AI Summary: FISSURE is an open-source RF framework designed for signal understanding and reverse engineering, catering to both operational and educational needs. It enables users to detect, classify, and manipulate RF signals, perform automated vulnerability testing, and integrate with TAK for real-time situational awareness. Key features include support for various deployment options, from desktop GUIs to headless nodes, and a robust plugin ecosystem for enhanced functionality.

README

FISSURE - The RF Framework

Frequency Independent SDR-based Signal Understanding and Reverse Engineering

AI Summary: flare-emu is an advanced emulation tool that integrates with binary analysis frameworks such as IDA Pro or Radare2, leveraging the Unicorn emulation framework to facilitate flexible and efficient code analysis. It offers multiple interfaces for emulating instruction ranges, iterating through function paths, and handling complex emulation scenarios, making it suitable for deep analysis of executable binaries across various architectures including x86, ARM, and their 64-bit counterparts. Notably, it provides functionalities for user-defined hooks, direct memory manipulation, and dynamic code discovery, enhancing the analyst’s ability to probe and understand obfuscated or complex binaries.

AI Summary: Flask Session Cookie Manager is a Python tool that encodes and decodes Flask session cookies, facilitating easier management of session data. It offers commands for encoding session information into a cookie format and decoding existing cookies back into a readable structure, with support for both Python 2 and 3. Notable features include optional secret key usage for secure operations and clear command-line arguments for encoding and decoding tasks.

AI Summary: Free-Auto-GPT is an open-source implementation of autonomous AI agents like Auto-GPT and BabyAGI, designed to operate without paid APIs, thus enabling users to leverage advanced AI capabilities at no cost. Its notable features include easy integration with the Hugging Face and ChatGPT ecosystems, allowing users to access a variety of AI models without significant hardware requirements or financial constraints. This democratizes AI technology, making it accessible for small businesses and individuals seeking to innovate without hefty investments.

AI Summary: free-one-api is a flexible API tool that allows users to access various large language model (LLM) reverse engineering libraries via a standard OpenAI API format. Its primary use case is facilitating seamless interactions with multiple LLMs while providing notable features such as automatic load balancing, web UI support, streaming mode, and a heartbeat detection mechanism to ensure reliability. Additionally, it enables contributors to expand its functionality by testing and integrating new adapters.

AI Summary: fsociety is a modular penetration testing framework designed to assist cybersecurity professionals in conducting security assessments. Notable features include a command-line interface with options for retrieving information and suggesting tools, as well as support for installation via pip and Docker. The framework’s modular approach allows users to integrate various tools for comprehensive security testing.

README

fsociety

AI Summary: Fsociety is a comprehensive penetration testing framework designed to provide a wide array of hacking tools utilized in the Mr. Robot series. It features modules for information gathering, password attacks, wireless testing, exploitation, web hacking, and post-exploitation, all implemented in Python 2, with detailed installation instructions for various platforms, including Docker support. Notable tools included are Nmap, sqlmap, WPScan, and several others tailored for diverse security testing scenarios.

AI Summary: Fuxploider is an open-source penetration testing tool designed to automate the detection and exploitation of vulnerabilities in file upload forms. Its primary use case is to identify permissible file types and effectively upload web shells or malicious files to targeted web servers using optimized techniques. Notable features include support for Python 3.6 and the ability to utilize Docker for installation, providing flexibility across different environments.

README

fuxploider

AI Summary: fuzzDicts is a comprehensive web penetration testing dictionary tool designed for security professionals to enhance fuzzing and brute-force attacks. It features an extensive collection of payloads, username lists, and weak password dictionaries, regularly updated to include specific vulnerabilities across different systems, including Unix and Windows. Notable features include categorized dictionaries for remote code execution, XSS attacks, and various common website directories, making it a valuable resource for security testing and exploitation.

AI Summary: FuzzForge AI is an open-source orchestration platform that leverages AI agents to automate security research workflows via the Model Context Protocol (MCP). It enables seamless interaction with containerized security tools, allowing AI agents to discover, chain, and execute tasks for vulnerability assessment and analysis autonomously. Notable features include a hub architecture for tool discovery, support for AI-native workflows, and the capability to create automated pipelines tailored for specific use cases such as firmware vulnerability research or Rust fuzzing.

AI Summary: GasMasK is an all-in-one open-source information gathering tool designed for Open Source Intelligence (OSINT) tasks. It facilitates data collection across various platforms such as Google, Shodan, and social media, allowing users to search for domains and extract relevant information through an extensive set of features, including customizable output formats and API integrations for enhanced functionality. The tool is built in Python and supports numerous search methods, making it a versatile choice for cybersecurity professionals conducting reconnaissance.

AI Summary: Gemini-API is an asynchronous Python wrapper for the Google Gemini web application, designed for generating and editing content through natural language queries. Key features include persistent cookie management, image generation capabilities, customization via system prompts and extensions, support for streaming output, and the ability to classify various types of responses. The tool is built on asyncio, ensuring efficient execution for always-on services and complex interactions.

README

AI Summary: geowifi is a tool designed for querying WiFi geolocation data based on the BSSID or SSID from various public databases. Its primary use case is to facilitate the retrieval of network location information, providing output in either map or JSON format. Notable features include support for multiple APIs like Wigle, Google Geolocation, and Combain, enabling users to easily configure and access comprehensive WiFi data.

README

📡💘🌎 | geowifi

Search WiFi geolocation data by BSSID and SSID on different public databases.

AI Summary: Gepetto is a Python plugin designed for integration with IDA Pro (≥ 7.6) that utilizes large language models to analyze and enhance decompiled functions. Its primary use case includes providing detailed explanations of function behavior and automatically renaming variables for clarity. Notable features include support for multiple AI models, including those from OpenAI, Google, and Azure, along with an easy installation process via the Hex-Rays CLI tool.

README

Gepetto

Gepetto is a Python plugin which uses various large language models to provide meaning to functions decompiled by IDA Pro (≥ 7.6). It can leverage them to explain what a function does, and to automatically rename its variables. Here is a simple example of what results it can provide in mere seconds:

AI Summary: Ghost Framework is an Android post-exploitation framework that leverages the Android Debug Bridge to enable remote access to Android devices. Its primary use case is for penetration testing and security assessments of Android applications and devices. Notable features include ease of installation via pip and a focus on facilitating comprehensive exploitation scenarios.

README

Ghost Framework



Ghost Framework is an Android post-exploitation framework that
exploits the Android Debug Bridge to remotely access an Android device.

Installation

pip3 install git+https://github.com/EntySec/Ghost

AI Summary: GhostTrack is an OSINT tool designed for tracking the location or mobile number of targets, facilitating information gathering through various tracking functionalities. Its notable features include IP tracking, phone number tracking, and username tracking across social media platforms, allowing users to collect comprehensive data on their targets. The tool is straightforward to install on Linux or Termux and is continuously updated, with the latest version being 2.2.

README

GhostTrack

Useful tool to track location or mobile number, so this tool can be called osint or also information gathering

AI Summary: Ghostwriter is an open-source platform that streamlines offensive security operations by facilitating report writing, asset tracking, and assessment management. Key features include a robust reporting engine with customizable templates, role-based access controls, and integrations with tools like Mythic C2 and Cobalt Strike for automatic activity logging. The platform enhances collaboration among red teams and consultants by providing a centralized environment to manage client information and generate comprehensive reports in various formats.

AI Summary: GHunt is an offensive Google framework focused on OSINT, enabling users to extract information using various modules related to Google services. Key features include a command-line interface, asynchronous processing, JSON export capabilities, and a browser extension for easier login. The tool is designed for security assessments, data gathering, and enhancing investigative workflows linked to Google accounts and assets.

README

🌐 GHunt Online version : https://osint.industries

🐍 Now Python 3.13 compatible !

AI Summary: GitFive is an OSINT tool designed for investigating GitHub profiles, enabling users to track username histories, variations, and associated email addresses. Key features include the ability to discover GitHub accounts from lists of emails, analyze repositories, and generate possible email combinations, all while operating efficiently within GitHub’s API rate limits. The tool also supports features like SSH key dumping and JSON exports for ease of data handling.

README

AI Summary: GitGot is a semi-automated tool designed for the quick identification of sensitive information and secrets stored in public GitHub repositories. It leverages user feedback to refine search results, allowing for the dynamic creation of blacklists based on filenames, repository names, or file content matches. Notable features include session persistence, the ability to query GitHub Gists or self-hosted instances, and support for advanced search syntax using the GitHub Search API.

AI Summary: gitGraber is a real-time monitoring tool designed to detect sensitive data leaks across GitHub for various online services, including AWS and Facebook. Its primary use case is to identify and notify users of potential API key exposures through Slack, Discord, or directly in the command line, while minimizing false positives with precise regex patterns. Notable features include configurable keyword searches, automated monitoring through cron jobs, and a dynamic wordlist that adapts to discovered filenames.

AI Summary: GitHub Search is a collection of tools designed to perform advanced searches on GitHub repositories using bash, Python, and PHP. It primarily facilitates users in conducting tailored searches across GitHub by leveraging personal access tokens for authentication, enhancing the search capability and efficiency. Notable features include support for multiple scripting languages and a straightforward setup process through environment variable configuration or a tokens file.

README

github-search

A collection of tools to perform searches on GitHub.

AI Summary: Gmail-Hack is a Python-based tool designed for unauthorized access to Gmail accounts, primarily focused on users operating in Termux or Linux environments. It features a straightforward installation process and is intended for educational purposes, with caveats regarding its ethical use. Notably, the tool claims to facilitate hacking actions with minimal setup time, emphasizing its ease of use for individuals familiar with command-line interfaces.

README

Gmail-Hack

Easy gmail hacking in python

Я не несу ответственности за ваши действия. Скачивая программное обеспечение из этого репозитория, вы соглашаетесь с лицензией.

AI Summary: GonnaCry is a Linux-based ransomware designed to encrypt user files using a robust AES-256-CBC encryption scheme, featuring per-file random AES keys and initialization vectors. Its primary use case is to serve as an educational tool for understanding malware, cryptography, and operating systems, with capabilities such as communicating with a server for key management, altering system wallpapers, and terminating database services. Notable features include a built-in decryptor and the use of RSA-2048 for secure key encryption, making it a comprehensive demonstration of ransomware mechanics.

AI Summary: GPT4Free (g4f) is a robust tool designed to streamline interactions with various accessible Large Language Models (LLMs) and media-generation models by providing a unified interface across multiple providers. It features local GUI support, OpenAI-compatible REST APIs, and clients in both Python and JavaScript, enhancing flexibility and ease of use for developers. Notably, it is community-driven, allowing customization and contribution to improve the platform further.

README

GPT4Free (g4f)

AI Summary: Guardian is an AI-powered penetration testing automation platform designed for enterprise environments, integrating multiple AI providers with extensive security tools to perform intelligent and adaptive security assessments. It features a multi-agent architecture for strategic decision-making, 19 integrated security tools for thorough testing, and enhanced evidence capture for complete traceability of findings. Users must ensure authorized access before conducting tests, adhering to legal and ethical guidelines.

README

🔐 Guardian

AI-Powered Penetration Testing Automation Platform

AI Summary: h2cSmuggler is a specialized tool that facilitates the smuggling of HTTP traffic past insecure proxy configurations by leveraging HTTP/2 cleartext (h2c) communications with compatible back-end servers. Its primary use case involves testing web servers for vulnerabilities related to improperly configured proxy_pass directives that could allow attackers to bypass access controls and proxy rules. Notable features include the ability to scan multiple endpoints concurrently, integration with popular security tools like Burp Suite, and a test environment for demonstration and experimentation with h2c smuggling techniques.

AI Summary: h8mail is an email open-source intelligence (OSINT) and breach hunting tool designed to search for emails across various breach and reconnaissance services, including local database breaches. It features advanced capabilities such as regex-based email pattern matching, support for multiprocessed local searches, and integration with premium APIs for enhanced data retrieval. Additionally, it allows bulk file processing and the output of results in CSV or JSON format, making it highly versatile for cybersecurity professionals.

AI Summary: HaboMalHunter is an automated malware analysis tool specifically designed for Linux ELF files, facilitating both static and dynamic analysis to aid security analysts. It efficiently extracts crucial features such as process behavior, file I/O, and network interactions, generating comprehensive reports on malicious activities. Notable features include detailed static analysis of file dependencies and strings, as well as dynamic tracking of execution timestamps, API calls, and syscall sequences.

README

HaboMalHunter: Habo Linux Malware Analysis System

AI Summary: The “hack-tools” repository offers a comprehensive collection of cybersecurity tools including DOS, information gathering utilities, malware creation kits, and remote administration tools, catering to a wide audience from enthusiasts to professionals. Key features include multi-platform support for Windows and Linux, compatibility with several programming languages, and the availability of free tools; however, users are cautioned about the legal implications and varying development statuses of the tools provided.

README

AI Summary: HackerPro is a comprehensive pentesting toolkit designed for security professionals, offering a wide array of tools for information gathering, password attacks, wireless testing, web hacking, and post-exploitation. Notable features include Nmap for network scanning, sqlmap for SQL injection, and a suite of tools for scanning and exploiting web applications. This tool facilitates multi-faceted penetration testing, making it essential for those engaged in cybersecurity assessments.

README

AI Summary: HackGPT Enterprise is an AI-powered penetration testing platform tailored for enterprise security teams, designed to deliver comprehensive cybersecurity assessments through its advanced AI and machine learning capabilities. Key features include multi-model support for AI engines, automated reporting, robust compliance frameworks, and a cloud-native microservices architecture that enhances performance and scalability. Its tools for zero-day detection, risk intelligence, and extensive reporting ensure that organizations maintain a proactive stance against security threats.

AI Summary: HackingBuddyGPT is a tool designed to assist security researchers in leveraging large language models (LLMs) for discovering new attack vectors, enabling efficient penetration testing and security assessments in 50 lines of code or less. Notable features include support for SSH connections to remote targets and local shell execution, enhancing testing capabilities while maintaining awareness of potential risks to live environments. The framework also provides reusable benchmarks for Linux privilege escalation and comparative analyses of multiple LLMs to facilitate optimal usage in security tasks.

AI Summary: Harpoon is a command-line interface (CLI) tool designed for open-source intelligence (OSINT) and threat intelligence gathering. Its primary use case involves extracting comprehensive data from multiple security-related APIs, such as those for IP addresses, ASN queries, and domain information, through a range of built-in plugins. Notable features include support for multiple data sources, configurable API keys, and the ability to update the tool seamlessly for ongoing intelligence needs.

AI Summary: HeapViewer is an IDA Pro plugin designed for analyzing heap memory, particularly for exploit development focusing on the glibc malloc implementation (ptmalloc2). Notable features include heap tracing for memory allocation functions, detection of overlaps and double-frees, visualization tools, chunk and arena information, and various utilities for manipulating and understanding heap structures. This tool aids in the identification of vulnerabilities related to memory management in software applications.

README

HeapViewer

AI Summary: hermes-dec is a reverse-engineering tool designed for disassembling and decompiling React Native applications that utilize the Hermes VM bytecode (HBC) format. Its primary use case is to transform Hermes bytecode files into human-readable formats, enabling analysis and understanding of the JavaScript code within mobile apps. Notable features include the ability to parse Hermes file headers, disassemble bytecode into intermediate representations, and decompile bytecode into pseudo-code, facilitating the examination of React Native applications.

AI Summary: HexStrike AI is an advanced penetration testing platform that integrates over 150 security tools and more than 12 autonomous AI agents for automated cybersecurity assessment. Its primary use case focuses on cybersecurity automation, employing intelligent decision-making and vulnerability intelligence to optimize attack strategies and resource management. Notable features include real-time dashboards, progress visualization, and a multi-agent architecture that facilitates comprehensive penetration testing and threat analysis.

README

HexStrike AI MCP Agents v6.0

AI-Powered MCP Cybersecurity Automation Platform

AI Summary: HexWalk is a cross-platform hex editor, viewer, and analyzer that facilitates in-depth binary file examination. Its primary use case is for advanced binary analysis, featuring capabilities such as advanced pattern searching, entropy analysis, disassembly for multiple architectures, and integration with Binwalk for firmware analysis. Notable features include a hash calculator, byte pattern recognition for header parsing, and a comprehensive diff analysis tool, making it suitable for security researchers and developers working with binary data.

AI Summary: Qeeqbox/honeypots is a versatile package containing 30 customizable honeypots designed for monitoring network traffic, bot activities, and credential harvesting. It features non-blocking responses, easy setup and customization, and supports logging to various outputs, including Postgres databases, terminal, and Syslog. The tool encapsulates multiple protocols like HTTP, FTP, SSH, and more, facilitating quick deployment of multiple honeypots for enhanced threat detection.

README

30 low-high level honeypots in a single PyPI package for monitoring network traffic, bots activities, and username \ password credentials.

AI Summary: HostHunter is a Python-based tool designed for the discovery and extraction of hostnames linked to specified IPv4 or IPv6 addresses, utilizing OSINT and active reconnaissance methods. It generates comprehensive reports in various formats, including CSV and Nessus, and features capabilities like SSL certificate extraction, hostname validation, and the ability to capture screenshots of target applications. This tool is particularly beneficial for organizations aiming to assess their attack surface effectively.

AI Summary: The IDA Pro MCP is a simple MCP server designed to facilitate vibe reversing in IDA Pro, allowing users to interact with supported MCP clients for enhanced reverse engineering tasks. Key features include installation support via pip, configuration for various MCP clients, and guidance on prompt engineering to optimize interactions with large language models during the analysis process. This tool is particularly beneficial for users looking to streamline the reverse engineering process using advanced AI techniques in conjunction with traditional analysis tools.

AI Summary: IDACode is a Visual Studio Code extension designed to facilitate the execution and debugging of Python scripts within the IDA Pro environment. Notable features include quick script execution, seamless integration with the Python debugger via debugpy, and the ability to run scripts without modifications directly from IDA. The tool supports features like “Execute on save” for automatic script execution and has been tested for compatibility with IDA versions 8.4/9.0 and Python 3.12 on both Windows and macOS.

AI Summary: Ignorant is a tool designed to check the presence of a phone number across various platforms, such as Snapchat and Instagram, without alerting the target. Its primary use case is to facilitate user verification linked to phone numbers for security assessments, while notable features include support for asynchronous operations, rate limiting detection, and integration with multiple modules for different websites.

README

Ignorant

👋 Hi there! For any professional inquiries or collaborations, please reach out to me at: megadose@protonmail.com

AI Summary: iKy is a cybersecurity tool designed to collect and display information related to email addresses through an intuitive visual interface. It integrates multiple modules such as FullContact, LinkedIn, and HaveIBeenPwned, allowing users to gather diverse data points about email owners, enhancing the reconnaissance process in cybersecurity investigations. The tool leverages technologies like Flask for the interface, Redis for storage, and is deployable via Docker, ensuring robust performance and ease of use.

AI Summary: Impulse is a modern denial-of-service toolkit designed for executing various DDoS attack methods, including SMS, email, and multiple network traffic overload techniques like SYN and UDP floods. Its notable features include a user-friendly interface and support for methods such as Slowloris and NTP amplification, allowing attackers to exploit vulnerabilities across multiple platforms including Windows, Linux, and Termux. This tool can be leveraged to stress test and demonstrate the potential impact of denial-of-service attacks on targeted systems.

AI Summary: Instabruteforce is a Python-based tool designed for brute-forcing Instagram accounts using a list of proxies. Its primary use case is to test account security by attempting to crack passwords from a supplied list, with features that include proxy management, statistics tracking, and customizable bot modes for varying performance. The program also incorporates a pruning system to optimize proxy usage by removing underperforming proxies from its database.

README

Instagram Bruter

This program will brute force any Instagram account you send it its way given a list of proxies.

AI Summary: Instagram Monitor is a comprehensive OSINT tool designed for real-time tracking of Instagram activities, including post updates, follower changes, and profile modifications. Key features include interactive dashboards, anonymous media downloads, smart notifications via multiple channels, and enhanced privacy settings to simulate human behavior and avoid detection. This tool effectively provides insights into user engagement and media management, making it vital for social media analysts.

README

instagram_monitor

AI Summary: Instagram-Hacker is a Python script designed for performing bruteforce attacks on Instagram accounts. Its primary use case is to automate the process of testing multiple password combinations for a given username using predefined password lists. Notable features include the requirement for the mechanize and requests libraries, and the option to integrate with Tor for enhanced anonymity during the attack process.

README

Instagram-Hacker

This is a script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!

AI Summary: InstagramPrivSniffer is a digital investigation tool designed for accessing and analyzing posts from private Instagram accounts that are made visible through collaborations with public accounts. Notable features include the ability to download and view media from these private accounts, serving primarily as an OSINT resource for cybersecurity professionals. The tool is intended strictly for educational and research purposes, and its use should be approached with legal considerations in mind.

AI Summary: Instaloader is a command-line tool designed for downloading media from Instagram profiles, including photos, videos, stories, comments, and geotags. It supports both public and private profiles, offers features for handling profile name changes, and includes options for filtering and customizing download locations. Additionally, it allows users to efficiently update local copies of profiles and preserves session cookies for seamless access to private content.

README

.. image:: https://raw.githubusercontent.com/instaloader/instaloader/master/docs/logo_heading.png

.. badges-start

AI Summary: Interlace is a command-line tool designed to enhance single-threaded applications by enabling multi-threading capabilities, specifically for penetration testing and bug bounty workflows. It supports CIDR and glob notation for target specification and allows users to define multiple parameters such as timeouts, threads, and various command options, facilitating efficient execution across various targets. Notable features include the ability to pipe target lists, utilize multiple proxies, and specify complex command files for diverse testing scenarios.

AI Summary: Ipdrone is a Python-based tool designed for IP lookup and geolocation tracking, intended for use on both rooted and non-rooted Android devices via Termux. Notable features include real-time location tracking, ease of use for beginners, and consistent updates, enabling users to gather detailed information about specific IP addresses.

README

ABOUT TOOL :

Ipdrone is a simply python script, which can be used to Ip lookup and to get information of perticualr target Ip. This tool works on both rooted Android device and Non-rooted Android device.

AI Summary: IVRE (Instrument de veille sur les réseaux extérieurs) is a comprehensive network reconnaissance framework designed for both passive and active reconnaissance. It integrates multiple data sources and tools such as Zeek, Nmap, and Masscan, enabling users to gather extensive information about networks efficiently. Notable features include a web interface for data visualization, support for various database backends, and a modular architecture that allows for easy integration of additional tools.

AI Summary: JexBoss is a tool designed to test and exploit Java deserialization vulnerabilities primarily in JBoss Application Server and other Java platforms. It supports versions 3 to 6 of JBoss and is effective against a variety of frameworks and applications, utilizing exploitation vectors such as admin and JMX consoles, servlet deserialization, and specific vulnerabilities like CVE-2017-5638. Notable features include easy installation, support for multiple target applications, and demonstration videos for practical use cases.

AI Summary: JustTryHarder is a comprehensive cheat sheet designed to assist users in navigating the Penetration Testing with Kali Linux (PWK) course and preparing for the Offensive Security Certified Professional (OSCP) exam. It consolidates various penetration testing techniques, such as OS detection, privilege escalation, and exploitation methods, while providing clear examples and references. Notable features include a wide array of topics that cover essential hacking methodologies and tools, making it a valuable resource for both beginners and experienced practitioners in the cybersecurity field.

AI Summary: KawaiiGPT is an open-source command-line tool that provides seamless access to various large language models, including DeepSeek, Gemini, and Kimi-K2, through a reverse-engineered Pollinations API without the need for API keys. It features integrated prompt injection capabilities for security research, allowing for uncensored model access and red-team evaluations, along with native support for Linux and Termux, and a user-friendly console interface. Notably, it offers easy configuration options and a streamlined installation process via a single command.

AI Summary: kb is a minimalist knowledge base manager designed for efficient organization and retrieval of information artifacts. It supports functionalities such as adding, viewing, editing, and deleting artifacts, alongside advanced searching options including grep capabilities and template management for better categorization. Notably, it allows for easy import/export of knowledge bases and integrates seamlessly with multiple installation methods, enhancing its usability for various platforms.

README

kb. A minimalist knowledge base manager

AI Summary: The Keylogger tool captures keyboard, mouse, screenshot, and microphone inputs on a target computer and sends the collected data to the user’s email for security testing purposes. Notable features include self-deletion capabilities if the target discovers the code and automated data transmission every 10 seconds. The tool is easy to deploy by running a single script with minimal setup requirements.

README

Inputs To Mail.

Get Keyboard,Mouse,ScreenShot,Microphone Inputs and Send to your Mail. Purpose of the project is testing the security of information systems

AI Summary: Keypatch is a plugin for IDA Pro that integrates the Keystone Assembler Engine, providing enhancements for binary patching during reverse engineering tasks. It features a Patcher for direct assembly input, a Fill Range tool, and a Search utility to locate assembly instructions within binaries. With support for multiple architectures and platforms, an event-driven UI for automated updates, and user-friendly options like automatic comments and undo functionality, Keypatch addresses the limitations of IDA’s built-in assembler while streamlining the reverse engineering process.

AI Summary: Kubestriker is a robust security auditing tool designed specifically for Kubernetes environments, facilitating the identification and mitigation of misconfigurations that may expose clusters to attacks. It offers extensive checks across multiple platforms, including self-hosted Kubernetes, Amazon EKS, Azure AKS, and Google GKE, alongside visualized attack path analytics to enhance situational awareness. Additionally, Kubestriker supports CI/CD pipeline integrations, enabling continuous security scanning during the deployment process.

README

A Blazing fast Security Auditing tool for kubernetes!!

AI Summary: The nixawk/labs repository serves as a catalog of documented vulnerabilities, specifically Common Vulnerabilities and Exposures (CVEs), across various software systems, tools, and devices. The primary use case is to provide security professionals with a reference for known vulnerabilities and their implications, enhancing awareness and response strategies regarding potential exploits. Notable features include detailed entries for each CVE, outlining affected systems and specific attack vectors for exploitation.

README

AI Summary: FIRERPA is an advanced Android automation framework designed for on-device operations, providing a comprehensive suite of over 160 APIs for device management, UI automation, and diagnostics. Its primary use case is to enable lightweight, efficient automation for both physical and virtual Android devices, integrating AI-driven capabilities with robust remote desktop services. Notable features include built-in ADB/SSH/SCP support, extensive logging, encrypted scripting, and seamless deployment across a range of Android versions without complex configuration requirements.

AI Summary: Learn-Web-Hacking is a comprehensive guide designed for individuals interested in web security, systematically organizing essential concepts and knowledge related to web application vulnerabilities, network protocols, and penetration testing. It provides a historical perspective on the evolution of web security, foundational networking concepts, and a detailed exploration of common web vulnerabilities and defensive strategies. Additionally, it includes tool recommendations and resources, making it a valuable resource for both beginners and practitioners in the cybersecurity field.

AI Summary: Lighthouse is an advanced code coverage explorer plugin designed for IDA Pro and Binary Ninja, aimed at software researchers examining execution maps of native applications without the need for symbols or source code. It features interactive controls for coverage painting across multiple views, customizable coverage formats, and a comprehensive overview widget that enhances analysis capabilities. The tool has garnered recognition within the security research community, placing in IDA’s 2017 Plug-In Contest and receiving a nomination for the 2021 Pwnie Awards.

AI Summary: LIKE-DBG is a tool designed to simplify the setup of a Linux kernel debugging environment by automating essential steps such as kernel building, root file system creation, and kernel launching within Docker containers. It offers a highly customizable configuration approach and supports multiple architectures, enabling researchers in kernel exploitation to focus on their work rather than the complexities of environment setup. Notable features include a dedicated Docker setup for each phase, support for various compilation methods, and integrated code quality measures.

AI Summary: linkedin2username is an OSINT tool designed to generate potential username formats for employees of a specified company using LinkedIn’s web interface, requiring user authentication without an API key. Key features include customizable output formats for usernames, the ability to append domain names, and options for depth of search and filtering by keywords. The tool leverages web scraping techniques and is sensitive to LinkedIn’s rate limits, making it suitable for security research purposes.

AI Summary: Linkook is an OSINT tool designed for discovering linked social media accounts and associated emails based on a single username across multiple platforms. Its notable features include the ability to check for email breaches using HudsonRock’s Cybercrime Intelligence Database, and exporting scan results in a Neo4j-compatible format for visual analysis. The tool supports various command-line options for summarizing output, detailed scans, and configuring data handling.

README

Linkook

English | 中文

AI Summary: Linuxprivchecker is a Python script designed for local execution on Linux systems, aimed at enumerating system information and identifying common privilege escalation vectors, such as world writable files and misconfigurations. Its primary use case is to assist users in learning about potential privilege escalation opportunities within Linux environments without performing direct exploits. Noteworthy features include support for both Python 2 and 3, command options for customizing searches and log outputs, and an emphasis on educational utility for those preparing for penetration testing certifications like OSCP and HTB.

AI Summary: lisa.py is a Model-Context Protocol (MCP) integration for LLDB, enabling AI assistants like Claude to interact with debugging sessions through a structured interface. It consists of a server component to handle communication and a plugin for LLDB that exposes debugging functionalities via JSON-RPC, allowing users to execute commands verbally and enhance the debugging experience with natural language processing. Notable features include the capability to create targets, manage breakpoints, control process execution, and evaluate expressions directly from the AI assistant.

AI Summary: LLM Guard is a security toolkit designed to enhance the safety of interactions with Large Language Models (LLMs) by providing features such as input sanitization, harmful language detection, data leakage prevention, and protection against prompt injection attacks. It supports easy integration into production environments and offers a variety of prompt and output scanners tailored for specific security concerns. The tool is continuously updated to adapt to emerging threats, ensuring robust security for LLM applications.

AI Summary: Lockdoor is a pentesting framework that aggregates a variety of tools for tasks such as information gathering, web hacking, privilege escalation, and reverse engineering. Its notable features include a collection of pre-configured tools categorized by function, support for multiple operating systems, and the ability to generate security assessment reports. However, it is important to note that the project is no longer actively maintained.

README

Lockdoor v2.3
⚠️ This project is not maintained anymore. ⚠️

Find more at https://g.co/kgs/TtYRJJP

Table of contents

• Table of contents
• Changelog 📌 :
• Badges 📌 :
• Support me 💰 :
• Contributors ⭐ :
• Versions
  • 06/2021 : 2.3
  • 03/2020 : 2.2.3
• Blogs & Articles 📰 :
• Overview 📙 :
• Features 📙 :
  • Pentesting Tools Selection 📙 :
  • Resources and cheatsheets 📙 :
• Screenshots 💻 :
• Demos 💻 :
• Installation 🛠️ :
• Lockdoor Tools contents 🛠️ :
  • Information Gathering :mag_right: :
  • Web Hacking 🌐 :
  • Privilege Escalation ⚠️ :
  • Reverse Engineering ⚡:
  • Exploitation ❗:
  • Shells 🐚:
  • Password Attacks ✳️:
  • Encryption - Decryption 🛡️:
  • Social Engineering 🎭:
• Lockdoor Resources contents 📚 :
  • Information Gathering :mag_right: :
  • Crypto 🛡️:
  • Exploitation ❗:
  • Networking 🖧 :
  • Password Attacks ✳️:
  • Post Exploitation ❗❗:
  • Privilege Escalation ⚠️:
  • Pentesting & Security Assessment Findings Report Templates 📝 :
  • Reverse Engineering ⚡ :
  • Social Engineering 🎭:
  • Walk Throughs 🚶 :
  • Web Hacking 🌐 :
  • Other 📚 :
• Contributing :

Changelog 📌 :

Version v2.3 IS OUT !!

    - Fixing some CI 

    - making a more stable version 

    - new docker iaage build

    - adding packages for each supported distros

Badges 📌 :

AI Summary: Maigret is a user-centric OSINT tool designed to gather comprehensive profiles based on usernames by scanning over 3000 websites, including Tor and I2P networks. Key features include profile data extraction, recursive search capabilities, and automated handling of censorship and captcha challenges, all without requiring API keys. This tool serves as an effective resource for analysts in social media investigations and identity verification.

README

Maigret

AI Summary: Mailcat is a tool designed to discover existing email addresses based on a user’s nickname, supporting over 170 domains across 37 email providers. It offers functionality through scripts that can be run via Tor or proxy to maintain anonymity, and it employs various methods such as SMTP and API for address retrieval. Notable features include extensive provider support and options for managing connection limits to enhance performance.

README

mailcat

AI Summary: Builds malware analysis Windows VMs so that you don’t have to.

Builds malware analysis Windows VMs so that you don’t have to.

AI Summary: Malcom is a malware communication analyzer that visualizes network traffic to identify interactions with known malware sources, thereby aiding in malware analysis and intelligence gathering. Its primary use case is to detect command and control servers, monitor peer-to-peer networks, and unravel DNS fast-flux infrastructures. Notable features include its ability to convert complex network traffic data into actionable intelligence and a user-friendly graphical interface for rapid analysis.

README

Malcom - Malware Communication Analyzer

Malcom is a tool designed to analyze a system’s network communication using graphical representations of network traffic, and cross-reference them with known malware sources. This comes handy when analyzing how certain malware species try to communicate with the outside world.

AI Summary: Malicious PDF is a tool designed to generate various malicious PDF files featuring phone-home capabilities for use in penetration testing and red-teaming. It supports integration with platforms like Burp Collaborator and Interact.sh, providing a diverse set of attack vectors through ten different crafted PDF examples meant for testing web applications, security products, and PDF readers. Key features include the ability to create PDFs exploiting vulnerabilities like external file access, JavaScript injection, and form data exfiltration.

AI Summary: Malwoverview is a versatile malware analysis tool designed for cybersecurity professionals to visualize and understand malware architecture without submitting samples to external endpoints, thereby ensuring compliance with Non-Disclosure Agreements. Its primary use case involves generating detailed reports on malware characteristics, and it offers a variety of analysis features, including dynamic and static analysis capabilities, and an intuitive user interface for enhanced usability. The tool is free and open-source, allowing users to modify and redistribute it under the GNU General Public License.

AI Summary: Mantis is a command-line framework that automates the processes of asset discovery, reconnaissance, and scanning for vulnerabilities. It efficiently identifies subdomains, certificates, and active assets, culminating in comprehensive scans for misconfigurations and secrets using a combination of open-source and custom tools. Notable features include distributed scanning capabilities, customizable scans, a dashboard for vulnerability management, and integration with various DNS services.

README

Features • Modules • Installation • Command Line Options • Documentation • Contributors • Join Discord

AI Summary: Matkap is a cybersecurity tool designed for the analysis of malicious Telegram bots, primarily intended for educational and research purposes. It integrates with FOFA and URLScan to search for leaked bot tokens and chat IDs, allowing users to monitor and log Telegram interactions while offering functionalities to export harvest messages. Notable features include the ability to forward messages from malicious bots and comprehensive logging capabilities for monitoring bot tokens across various platforms.

AI Summary: Metarget is a framework designed to automatically deploy vulnerable cloud-native infrastructures for security research purposes. It allows users to swiftly instantiate environments with known vulnerabilities (e.g., Docker and Kubernetes exploits) using simple command-line instructions, thus minimizing setup time for ethical hacking and testing scenarios. Notable features include the ability to “install” vulnerabilities like software packages, enabling researchers to quickly create multilayer vulnerable scenes for comprehensive testing and learning.

AI Summary: MHDDoS is a Python-based DDoS attack scripting tool that features 57 distinct attack methods, primarily targeting Layer 7 protocols. It offers advanced techniques such as GET and POST floods, as well as bypass mechanisms for various DDoS protection services, enabling users to perform sophisticated denial-of-service attacks while adhering to ethical guidelines. Notable capabilities include methods for random subdomains, slowloris attacks, and cookie manipulation, making it a versatile tool for testing web application resilience.

AI Summary: Miasm is an open-source reverse engineering framework primarily designed for the analysis, modification, and generation of binary programs, supporting formats such as PE and ELF for both 32 and 64-bit architectures. Notable features include assembly and disassembly capabilities for various architectures like X86, ARM, and MIPS, intermediate representation for semantic analysis, JIT-based emulation, and advanced techniques for automatic de-obfuscation. The framework facilitates dynamic code analysis, making it an invaluable tool for security researchers and reverse engineers.

AI Summary: mongoaudit is a command-line interface tool designed for auditing MongoDB servers to identify security misconfigurations and vulnerabilities. Its primary use case is to enhance security by detecting poor configuration settings and providing actionable advice to rectify them, thus helping administrators implement best practices. Notable features include automated penetration testing capabilities and comprehensive reporting with guidance on securing MongoDB installations.

README

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing.

AI Summary: Infection Monkey is an open-source adversary emulation platform designed to enhance security postures by simulating malware behavior within a network. It employs a dual-component architecture comprising an Agent, which mimics a network worm’s propagation techniques, and a centralized command and control server, Monkey Island, for monitoring and visualization. Notable features include various exploitation methods like Log4Shell and RDP, along with adaptive strategies to assess and improve security defenses against real threats.

AI Summary: Mr.Holmes is an OSINT information gathering tool designed for collecting data about domains, usernames, and phone numbers using publicly available resources and Google dorks. Notable features include the use of proxies for anonymous requests and integration with a WhoIS API for enhanced domain information retrieval. The tool is aimed at educational and research purposes, although accuracy may vary.

README

AI Summary: MSDAT (Microsoft SQL Database Attacking Tool) is an open-source penetration testing utility designed for assessing the security of Microsoft SQL databases remotely. Its primary use case includes discovering valid credentials, privilege escalation, and executing operating system commands through various SQL features. Notable features of MSDAT include the ability to perform dictionary attacks, capture SMB authentication, execute SQL requests, and manipulate files on the server, while supporting multiple Microsoft SQL Server versions.

AI Summary: mssqlproxy is a lateral movement tool designed to facilitate access through a compromised Microsoft SQL Server by utilizing socket reuse. It operates with sysadmin privileges and comprises a CLR assembly, a core DLL, and a client, allowing users to install and manage proxy services for connecting to external systems. Notable features include remote DLL management, commands for file transfer, and options for configuring local listening ports, although it currently supports only IPv4 connections.

AI Summary: MySQL Fake Server is a tool designed for penetration testing, specifically emulating a MySQL server to exploit vulnerabilities related to file reading and Java deserialization in MySQL JDBC clients. Notable features include the ability to read large binary files, support for custom configuration through a JSON file, and the option to preview or save the contents of read files, all implemented in pure Python 3 without external dependencies.

AI Summary: Name-That-Hash is a modern hash identification tool designed to accurately identify various hash types, such as MD5 and NTLM. Its notable features include popularity ratings to prioritize common hashes, hash summaries for informed selection, accessible color output, and JSON-based API access for integration into other projects. The tool is intended to provide a more user-friendly and up-to-date alternative to older hash identification systems.

README

➡️ Discord | Website ⬅️

The Modern Hash Identification System
pip3 install name-that-hash && nth
Web App with no install needed

AI Summary: NetExec is a community-driven network exploitation tool derived from the predecessor CrackMapExec, designed to facilitate network enumeration and execution of various tasks across multiple hosts. It boasts functionalities for maintaining and expanding the original tool’s capabilities, alongside regular updates and community contributions. Notable features include an emphasis on user collaboration, a dedicated Discord channel for support, and extensive documentation in development.

README

🚩 This is the open source repository of NetExec maintained by a community of passionate people

AI Summary: The Netlas Cookbook serves as a comprehensive guide for utilizing Netlas Search Tools, aimed at audiences with varying levels of cybersecurity knowledge. It provides practical examples and automation techniques for searching and analyzing IP addresses and domain data on the Internet, while also detailing the use of the Netlas API for advanced queries and OSINT tasks. Key features include search query syntax explanation, logical operators, and integration with Python, enhancing user capabilities in attack surface management and information retrieval.

AI Summary: OWASP Nettacker is an automated penetration testing and information-gathering framework designed for cybersecurity professionals to conduct reconnaissance, vulnerability assessments, and network security audits. Key features include a modular architecture for customizable task execution, support for multi-protocol and multithreaded scanning, comprehensive output formats, and a user-friendly interface for managing scans, all of which enhance its efficacy in identifying weaknesses across diverse systems and applications.

README

OWASP Nettacker

AI Summary: NeuroSploit v3 is an AI-powered penetration testing platform designed for autonomous security assessments, offering support for 100 vulnerability types within isolated Kali Linux containers. Key features include an autonomous agent for parallel testing, an exploit chain engine, anti-hallucination controls, real-time monitoring via a modern web interface, and multi-provider LLM integration for adaptive scanning strategies. The tool provides efficient scanning capabilities and detailed reporting, making it suitable for comprehensive security evaluations.

AI Summary: NoSQLMap is a Python tool designed for auditing and automating injection attacks on NoSQL databases, primarily targeting MongoDB and CouchDB, while also preparing for support of others like Redis and Cassandra. It helps identify and exploit default configuration vulnerabilities to disclose or replicate database data through a user-friendly menu-based interface. Key features include options for NoSQL DB access attacks, web application attacks, and scanning for anonymous MongoDB access.

AI Summary: The Nuclei + Wordfence CVE project provides a comprehensive set of 71,889 Nuclei templates specifically designed for assessing security vulnerabilities in WordPress, including core, plugins, and themes. Notably, the templates are regularly updated to reflect the latest threats identified by Wordfence, offering users a robust tool for proactive site protection and vulnerability identification. This open-source solution allows for customization, giving users the flexibility to adapt templates to meet specific security needs.

AI Summary: o365spray is a specialized tool for username enumeration and password spraying targeting Microsoft Office 365 (O365) environments. It allows users to validate domains, enumerate usernames, and conduct password spraying attacks, featuring configurable options for lockout policies and enumeration modules. The tool emphasizes caution by automatically managing lockout timers during operations to mitigate potential account lockouts.

README

o365spray

o365spray is a username enumeration and password spraying tool aimed at Microsoft Office 365 (O365). This tool reimplements a collection of enumeration and spray techniques researched and identified by those mentioned in Acknowledgments.

AI Summary: Octopus is an open-source, pre-operation command-and-control (C2) server developed in Python, designed for red team operations to facilitate initial attacks and information gathering before launching full engagements. It features secure communications through AES-256 encryption, remote command execution, file transfers, and a unique Endpoint Situational Awareness (ESA) capability that allows users to assess target environments effectively. The tool supports multiple Windows versions and enables stealthy operations, making it less detectable by conventional security measures.

AI Summary: ODAT (Oracle Database Attacking Tool) is an open-source penetration testing tool designed to assess the security of Oracle databases remotely. Key features include the capability to identify valid SIDs and credentials, escalate privileges to DBA or SYSDBA, and execute system commands like reverse shells. It supports various Oracle Database versions and offers extensive options for connectivity checks and detailed database information extraction.

README

ODAT

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.

AI Summary: OFRAK (Open Firmware Reverse Analysis Konsole) is a comprehensive binary analysis and modification platform designed specifically for embedded firmware and various binary formats. Its notable features include an interactive GUI for detailed exploration, a Python API for scripting reusable analyses, recursive unpacking and repacking capabilities, and integration with advanced reverse engineering tools such as angr and Ghidra, allowing users to effectively identify, analyze, and modify complex firmware.

README

OFRAK

OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform. OFRAK combines the ability to:

AI Summary: oletools is a Python package designed for analyzing Microsoft OLE2 files, including older Microsoft Office documents, MSI files, and Outlook messages, primarily for malware detection, forensics, and debugging. Key features include the ability to detect, extract, and analyze VBA macros, OLE objects, Excel 4 macros (XLM), DDE links, and capabilities for analyzing RTF and OpenXML files. The tool is built on the olefile parser, enhancing its functionality with various detection mechanisms and logging options.

AI Summary: onedrive_user_enum is a tool designed for enumerating valid OneDrive users by leveraging the HTTP response codes from file share URLs. Its primary use case is passive user enumeration, which avoids direct login attempts, making it less detectable by the target organization. Notable features include options for remote logging to MySQL, local SQLite database support, user list truncation, and mechanisms for de-duplication and user list management.

README

onedrive_user_enum v2.10

enumerate valid onedrive users

AI Summary: OnionSearch is a Python3 script designed for scraping URLs from various “.onion” search engines, facilitating access to hidden services on the Tor network. It supports multiple search engines and features options for proxy configuration, output file management, and multi-processing capabilities to enhance scraping efficiency. The tool is intended for educational use, enabling users to perform searches with customizable parameters while maintaining optimal performance.

README

OnionSearch

👋 Hi there! For any professional inquiries or collaborations, please reach out to me at: megadose@protonmail.com

AI Summary: OpenCVE is a Vulnerability Intelligence Platform designed to efficiently monitor and manage Common Vulnerabilities and Exposures (CVEs). It provides features such as aggregation from multiple sources, customizable filtering, alert subscriptions, and collaboration tools for tracking CVE progress within teams. Notable functionalities include AI-driven enrichment, customizable dashboards, and detailed reporting capabilities to streamline vulnerability management processes.

README

What is OpenCVE?

OpenCVE is a Vulnerability Intelligence Platform that helps you monitor and manage CVEs efficiently.

AI Summary: opendbc is a Python API designed for interacting with automotive systems, enabling the control of vehicle functions such as steering, gas, and brakes, as well as reading vehicle data like speed and steering angle. Its primary use case is to facilitate the development and integration of advanced driver-assistance systems (ADAS) using the openpilot platform, while also expanding into broader automotive management capabilities. Notable features include support for parsing and building CAN messages via DBC files, a repository of compatible vehicle models, and a structured approach for adding new vehicle support and functionalities.

AI Summary: openSquat is an open-source intelligence (OSINT) tool designed to identify cyber squatting threats against brands or domains. It leverages advanced detection techniques, such as similarity detection using the Levenshtein distance algorithm, and integrates with services like VirusTotal for domain reputation checks. Key features include daily updates on newly registered domains, DNS validation, and multiple output formats, enhancing its utility for security professionals monitoring potential domain-related threats.

README

AI Summary: OpenWifiPass is an open-source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol, designed for sharing Wi-Fi credentials (SSID and PSK) using Bluetooth Low Energy on Linux systems like the Raspberry Pi. It serves educational and experimental purposes, featuring a simple command-line interface to initiate the sharing process, although it currently lacks identity verification for requestors, posing security risks when handling sensitive credentials. Notably, the project includes a reusable OPACK (de)serializer for handling packet data, emphasizing its experimental nature and community-driven development.

AI Summary: The OSCP repository contains a collection of scripts and tools designed to assist in penetration testing and privilege escalation, particularly for the OSCP exam. Notable features include custom scripts for Linux privilege checks, port knocking, cron job analysis, and a comprehensive Windows privilege escalation check, along with a SQL injection cheatsheet for manual exploitation techniques. This repository is aimed at providing streamlined and efficient tools for security practitioners during their testing processes.

AI Summary: OSI.IG is an open-source tool designed for conducting Open Source Intelligence (OSINT) on Instagram accounts by retrieving detailed user information, including profile data, hashtags, mentions, and post metadata. Notable features include the ability to extract user ID, follower counts, and engagement metrics, as well as accessing post details, although it currently struggles with posts marked as sensitive content. The tool aims to work without login credentials, providing a streamlined method for information gathering on Instagram profiles.

AI Summary: Osintgram is a Python-based OSINT tool designed for reconnaissance on Instagram, enabling users to collect and analyze public data from Instagram accounts by username. Key features include retrieving followers, followed accounts, post information, comments, captions, and downloading media such as photos and stories. The tool operates through an interactive shell, providing a comprehensive suite of commands for in-depth investigation while emphasizing the importance of ethical usage.

README

Osintgram 🔎📸

AI Summary: The OSV.dev tool provides a platform for scanning software dependencies against a comprehensive database of known vulnerabilities. It features a Go-based scanner capable of analyzing various types of lockfiles, Docker containers, SBOMs, and git repositories, while enabling users to access a web UI and APIs for data integration and management. Notably, it includes tools for vulnerability data publishing, bisection, impact analysis, and leverages Google Cloud Platform for deployment and scalability.

AI Summary: ParamSpider is a tool designed for fetching and filtering URLs from Wayback Machine archives, specifically targeting domains for bug hunting, fuzzing, and further probing. Its notable features include the ability to ignore less relevant URLs, support for multiple domains, proxy configuration, and the option to introduce placeholders for parameter values, enhancing the efficiency of security assessments.

README

paramspider

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

📖 About • 🏗️ Installation • ⛏️ Usage • 🚀 Examples • 🤝 Contributing •

AI Summary: Passhunt is a tool designed to search for default credentials across network devices and web applications from a database of 523 vendors and 2084 default passwords. It facilitates quick access to these credentials through a simple command-line interface, allowing users to select vendors and retrieve associated default passwords efficiently. Notable features include the comprehensive vendor database and the ease of installation and usage with Python.

README

Passhunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

AI Summary: The passphrase-wordlist project provides an extensive list of over 20 million phrases paired with two hashcat rule files tailored for GPU-based password cracking. Its primary use case is to enhance the effectiveness of hashcat’s cracking capabilities by generating numerous permutations of passphrases to exploit vulnerabilities in systems that utilize weak or common passwords. Notable features include a robust wordlist sourced from various databases and dynamic updates, along with customizable rule files that manipulate passphrase formatting for improved cracking success.

AI Summary: Patching is a plugin for IDA Pro designed for interactive binary patching, aimed at enhancing the efficiency of malware analysis and software reverse engineering. It supports x86/x64 and Arm/Arm64 architectures, allowing users to edit assembly instructions in real-time, with visual feedback on the impact of their changes. Notable features include a context menu for quick patch actions, an intuitive assembly editing dialog, and the ability to NOP instructions or force conditional jumps swiftly.

AI Summary: pbtk is a Protobuf toolkit designed to aid in the reverse engineering of applications utilizing the Protobuf serialization format. It features a unified GUI that enables users to extract Protobuf data structures from various implementations, including Android and web applications, and provides capabilities for editing, replaying, and fuzzing Protobuf messages sent to network endpoints. Notable features include comprehensive support for multiple Java runtimes and binary formats, along with a user-friendly interface that streamlines the manipulation of Protobuf messages.

AI Summary: Penelope is a modern shell handler designed to replace netcat for remote code execution (RCE) exploitation, focusing on enhancing post-exploitation workflows. It supports multiple listeners, session management, and dynamic interaction with target systems through modules, facilitating features such as file transfers, logging, and shell activity management. Built entirely in Python, it offers a standalone operation mode and compatibility across Unix-like systems, thereby streamlining the exploitation process for security professionals.

AI Summary: The “pentest” tool is designed for network reconnaissance and vulnerability assessment, facilitating tasks such as ping sweeping and port scanning across specified IP ranges. It offers automation scripts for performing comprehensive scans and generating organized results, making it an essential utility for penetration testers and security professionals. Key features include various scanning scripts that leverage target lists for efficient and systematic reconnaissance operations.

README

So, You Want to be a Rock Star?

Follow instructions, it`s very easy!

$ git clone https://github.com/jivoi/pentest.git ./offsecfw && cd offsecfw
$ mix_ping_sweep.py 192.168.56.1-254 ./results
$ mix_port_scan.sh -t ./results/targets.txt -p all
$ mix_recon.py ./results/targets.txt

AI Summary: pentest-tools is a collection of customizable security scripts designed for quick penetration testing needs, facilitating various tasks in security assessments. Notable features include domain enumeration, CORS vulnerability testing, subdomain extraction, and DNS requests handling, all provided in multiple programming languages such as Bash, Python, and PHP for versatile usability. This toolkit streamlines common pentesting workflows with efficient tools aimed at both novice and experienced security professionals.

README

pentest-tools

A collection of custom security tools for quick needs.

AI Summary: PentestAgent is an AI-driven penetration testing tool designed to assist cybersecurity professionals in conducting thorough security assessments. It features multiple operational modes, including single-task assistance, autonomous task execution, and multi-agent orchestration, allowing users to adapt their approach based on project complexity. The tool supports integration with platforms like OpenAI and Anthropic, and can be run in Docker for enhanced isolation and access to a suite of pre-installed pentesting tools.

AI Summary: Phishing Catcher is a tool designed to identify potentially phishing domains in real-time by analyzing suspicious TLS certificate issuances reported to the Certificate Transparency Log via the CertStream API. It utilizes a configurable scoring system to evaluate domain names based on specific keywords and thresholds, allowing users to customize the sensitivity of detection. Notable features include a YAML configuration for adjustable scoring properties, support for both Python versions, and the ability to run in a Docker container for simplified deployment.

AI Summary: PhoneSploit is a Python3 tool designed for remote exploitation through ADB (Android Debug Bridge), enabling users to perform a variety of actions on victim devices. Its notable features include the ability to access the device shell, capture screenshots and screen recordings, uninstall applications, and obtain system information in real time, along with file management capabilities such as pulling folders and sending files. The framework serves primarily as a penetration testing tool for assessing the security of Android devices, but it contains mandatory ethical usage disclaimers.

AI Summary: PhoneSploit Pro is an advanced Python-based tool designed for penetration testing and exploiting Android devices remotely through the Android Debug Bridge (ADB) and Metasploit Framework integration. It automates the process of creating, installing, and launching payloads to gain a Meterpreter session in a single click, along with extensive ADB functionalities for managing connected devices, such as file transfers, device control, and data extraction. Notable features include remote screen recording, SMS management, and capabilities for controlling device operations, making it a comprehensive toolkit for security assessments on Android platforms.

AI Summary: PhpSploit is a full-featured Command and Control (C2) framework that maintains a persistent presence on web servers using a polymorphic PHP one-liner. Its primary use case is for penetration testing and exploitation, enabling users to execute commands, manage files remotely, interact with a SQL console, and escalate privileges through over 20 available plugins. Notable features include obfuscated communication via HTTP headers and seamless file upload/download capabilities, facilitating robust interactions with target systems while bypassing standard PHP security measures.

AI Summary: Phunter is a sophisticated tool designed for information retrieval related to phone numbers, enabling users to identify details such as the operator, potential locations, line type, and reputation. It features several capabilities including checks for spam activity, Amazon account linkage, and ownership verification, with functionality for both single-number queries and bulk processing from files. The tool is intended for educational purposes and offers a command-line interface with various output options.

AI Summary: PINCE is a front-end tool for the GNU Project Debugger (GDB) tailored for reverse engineering, particularly in gaming contexts. Its noteworthy features include efficient memory and pointer scanning using specialized libraries, background execution for concurrent command execution, and extensive variable inspection and modification capabilities, resembling those of Cheat Engine. Additionally, PINCE supports dynamic address tables, smart casting of data types, and comprehensive disassembly functionalities, enabling users to analyze and manipulate memory with precision.

AI Summary: PLASMA is an interactive disassembler that converts binary code into more readable assembly language with syntax highlighting, supporting architectures such as x86_64, ARM, and MIPS, along with ELF and PE formats. Its notable features include a Python API for scripting capabilities, allowing users to perform tasks like pseudo-decompilation, flow graph manipulation, and code assembly. The tool is currently under development and offers additional functionality through optional libraries for enhanced features.

AI Summary: POC-T (Pentest Over Concurrent Toolkit) is a versatile framework designed for penetration testing that facilitates concurrent tasks such as data collection, web crawling, brute-force attacks, and bulk PoC management. Its notable features include support for both multithreading and Gevent concurrency modes, simplified script writing without extensive documentation, built-in script extensions, and integration with popular search engine APIs like ZoomEye, Shodan, and Google.

README

POC-T: Pentest Over Concurrent Toolkit

AI Summary: PocOrExp in Github is a tool designed for aggregating proof of concepts (PoCs) and exploitation scripts (Exp) associated with Common Vulnerabilities and Exposures (CVE) directly from GitHub. Its primary use case is to assist cybersecurity professionals in quickly locating relevant PoCs by year and monitoring updates for existing vulnerabilities. Notable features include year-specific data retrieval, initialization options to avoid processing handled CVEs, and the ability to track changes to PoCs over time.

AI Summary: pocsuite3 is an open-source framework designed for remote vulnerability testing and proof-of-concept (PoC) development, focused on empowering penetration testers and security researchers. Notable features include a versatile PoC engine supporting multiple execution modes, dynamic loading of PoC scripts and targets from various sources, as well as comprehensive integration with tools like Seebug, Shodan, and ZoomEye. The tool also offers robust capabilities such as plugin support, multi-target loading, and HTTP/SOCKS proxy configuration, making it a powerful asset in the security testing arsenal.

AI Summary: Find exploit tool

Find exploit tool

AI Summary: Power Pwn is a comprehensive offensive and defensive security toolset designed for the Microsoft 365 Power Platform and AI services. It includes multiple features such as tenant scanning with PowerDump, backdoor deployment, malware creation without coding, and tools for phishing and misconfiguration testing, providing users with extensive capabilities for security assessment and exploitation in Power Platform environments. Additionally, it offers utilities for enumerating custom GPTs and publicly exposed AI services, enhancing its utility for security professionals.

AI Summary: Powershell-RAT is a Python-based remote access tool designed for red team engagements to backdoor Windows machines. Its primary use case involves tracking user activity through screen captures and exfiltrating data via email attachments using Gmail. Key features include stealthy operation, the ability to execute tasks such as taking screenshots and scheduling tasks, and a comprehensive “Hail Mary” option for automated execution.

README

Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment.

AI Summary: protobuf-inspector is a command-line tool designed to parse Google Protobuf encoded blobs (versions 2 and 3) without requiring their corresponding definitions. It outputs a structured representation of the blob’s content, including inferred types and potential parsing errors, making it useful for developers working with Protobuf data or engaging in reverse-engineering tasks. Notable features include the ability to detect structure dynamically, handle embedded messages, and support raw data extraction for in-depth analysis.

AI Summary: Prowler is an open-source cloud security platform that automates security assessments and compliance checks across various cloud environments. It features hundreds of customizable security checks and integration capabilities, enabling organizations to implement real-time monitoring and remediation for enhanced cloud security. Designed for scalability and cost-effectiveness, Prowler simplifies the complexities of cloud security management for organizations of all sizes.

README

Prowler is the Open Cloud Security platform trusted by thousands to automate security and compliance in any cloud environment. With hundreds of ready-to-use checks and compliance frameworks, Prowler delivers real-time, customizable monitoring and seamless integrations, making cloud security simple, scalable, and cost-effective for organizations of any size.

AI Summary: Psudohash is a customizable password list generator designed for orchestrating brute force attacks and cracking hashes by mimicking human password creation patterns. Key features include in-order and all-order combinations of keyword permutations, leet character substitution, common padding value additions, and filtering options based on word length, making it particularly effective for pentesting corporate environments where standard naming conventions are often used in passwords.

README

psudohash

Cool New Features of v1.1.0

Special thanks to DavidAngelos:
▶️ Added a progress bar in every step to track execution.
▶️ Added options:

AI Summary: Pwn_jenkins is a tool designed for exploiting various remote code execution vulnerabilities within Jenkins instances, specifically targeting misconfigurations and outdated versions. It enables authenticated and unauthenticated access to sensitive files, allows for arbitrary command execution via deserialization exploits, and identifies authentication bypass issues through crafted requests. Notable features include support for multiple CVEs, including CVE-2014-23897 and CVE-2019-1003002, making it a comprehensive toolkit for assessing the security of Jenkins environments.

AI Summary: Pwnagotchi is a Raspberry Pi-based tool designed for capturing WPA key material from Wi-Fi networks using passive and active techniques, generating PCAP files compatible with hashcat for cracking. Notable features include the ability to perform full and half WPA handshake captures, utilize PMKID attacks, and facilitate communication between multiple Pwnagotchi units through a custom protocol. The tool has removed AI components to enhance stability and battery life during operation.

AI Summary: Pwndbg is a Python module designed as a plugin for GDB and LLDB, enhancing the debugging experience for developers working on low-level software, reverse engineering, and exploit development. Its primary use case is to streamline common debugging tasks by providing user-friendly features and a suite of utilities that address the shortcomings of vanilla GDB and LLDB. Notable features include an improved hexdump command, a clean interface for quick navigation, and a range of custom tools to facilitate debugging across different platforms and architectures.

AI Summary: pwnedOrNot is an OSINT tool designed to check if email accounts have been compromised and retrieve associated passwords from public data dumps. It leverages the HaveIBeenPwned v3 API for initial breach verification and subsequently searches for compromised passwords. Key features include detailed breach information, the ability to filter results by domain, and support for batch processing of multiple email addresses.

README

OSINT Tool for Finding Passwords of Compromised Email Accounts

Created by Lohitya Pushkar (thewhiteh4t).
Twitter - Blog

AI Summary: PyArmor-Unpacker is a tool designed to unpack Python applications protected by PyArmor, specifically targeting versions prior to v8. The tool offers three methods for unpacking, with the preferred method being suitable for Python 3.9, allowing users to retrieve the original code from obfuscated .pyc files. Notable features include a detailed usage guide, support for multiple unpacking methods, and an emphasis on community contributions to address known issues and enhance functionality.

AI Summary: PyGOD is a Python library designed for graph outlier detection, enabling users to identify anomalies in various structures such as social networks and security systems. It offers over ten detection algorithms, maintains a unified API for ease of use, and supports multiple levels of outlier detection (node, edge, and graph-level) while being compatible with PyTorch Geometric. Key features include scalable design for large graph processing, comprehensive documentation, and streamlined data handling with PyG data objects.

AI Summary: PyInstaller Extractor is a Python script designed to extract the contents of executables created with PyInstaller, including fixed headers for bytecode decompilation. It supports a wide range of PyInstaller versions and can handle both Windows and Linux binaries, enabling users to recover files from packaged applications efficiently. Notable features include seamless integration with Python 2.x and 3.x environments, as well as compatibility with various bytecode decompilers for further analysis.

AI Summary: PyLingual is a Python bytecode decompiler specifically designed for versions 3.6 and later, allowing users to convert Python bytecode back into source code. Notable features include the ability to run locally or through a web service, support for different Python versions via pyenv, and adjustable options for decompilation settings, such as output directory and segmentation preferences. This tool is optimized for readability and extensibility, though it may initially exhibit some control flow accuracy regressions compared to its web service counterpart.

AI Summary: pypush is an evolving library designed for interfacing with Apple’s internal API, specifically focusing on the client side of the Apple Push Notification service (APNs). Its primary use case is to enable applications to impersonate Apple devices and receive push notifications while facilitating reverse-engineering efforts related to iMessage and other APIs. Notable features include platform independence and a planned expansion to include a wider range of Apple’s API functionalities as development progresses.

AI Summary: pythem is a versatile penetration testing framework written in Python, designed for use by security researchers and professionals to conduct various security assessments within legal boundaries. Notable features include support for attacks such as ARP spoofing, DNS manipulation, brute force attacks on SSH and web forms, as well as tools for exploit development and packet filtering. The framework can be installed on Debian-based Linux distributions, or run as a Docker container, facilitating accessibility and ease of deployment.

AI Summary: Quark Engine is a comprehensive tool designed for malware family analysis and vulnerability assessment, particularly in the context of Android malware. Its primary use case involves identifying and reporting on various malware behaviors and signatures, enabling security researchers to assess risks and improve defenses. Notable features include detailed analysis reports, a rule-based scoring system for malware, and compatibility with Python 3.10, making it accessible for developers and cybersecurity professionals.

AI Summary: Raccoon is an offensive security tool designed for reconnaissance and information gathering, offering a wide range of features like DNS enumeration, WHOIS lookup, TLS data analysis, port scanning, and directory fuzzing. With support for asynchronous scanning via Python’s asyncio and anonymity through Tor/proxies, it provides efficient and robust scanning capabilities while organizing outputs by target and scan type. Additionally, it leverages default wordlists from SecLists for various reconnaissance tasks, enhancing its operational effectiveness.

AI Summary: RapidScan is a multifaceted web vulnerability scanner that automates the execution of various security scanning tools to efficiently uncover and assess vulnerabilities in web applications. Notable features include its one-step installation, support for multiple tools like nmap and nikto, the ability to correlate results to reduce false positives, and the provision of detailed vulnerability definitions and remediation strategies. The tool is designed to streamline the penetration testing process, saving valuable time while offering comprehensive reporting and future plans for AI-driven tool deployment based on detected issues.

AI Summary: Raven is a developer security tool designed to enhance the security of software projects by providing capabilities for managing and monitoring secrets, vulnerabilities, and compliance across development environments. Its primary use case is to integrate seamlessly into CI/CD pipelines, ensuring that code remains secure throughout the software development lifecycle. Notable features include real-time detection of security risks, a user-friendly interface, and integration with various popular development tools and platforms.

AI Summary: Reconnoitre is a reconnaissance tool designed for automating information gathering and service enumeration tailored for OSCP labs. Its primary use case involves creating a structured directory for storing results, findings, and recommended commands for each target host while offering features like DNS and SNMP sweeps, service scanning, and virtual host discovery using customizable wordlists. The tool emphasizes ease of use and flexibility, allowing users to execute tailored reconnaissance operations efficiently.

AI Summary: RecoverPy is a data recovery tool that scans raw disk partitions to recover deleted files by directly inspecting disk blocks and searching for specific byte patterns. Designed primarily for forensic data recovery, it allows users to navigate adjacent blocks to retrieve fragmented data while ensuring that the entire scanning process is memory-efficient and focused solely on raw data, without attempting any filesystem interpretations. Notably, it facilitates efficient block inspection and content extraction, though success depends on the integrity of the underlying disk blocks.

AI Summary: RedAmon is an autonomous AI framework designed for seamless cybersecurity operations that integrate reconnaissance, exploitation, and post-exploitation processes into a streamlined pipeline. It stands out by automatically triaging findings, applying code fixes, and generating pull requests in repositories, ensuring human oversight at critical junctures. Its notable features include support for over 38 security tools, integration with major vulnerability scanners, and configurable autonomy to adapt to various security assessment needs.

AI Summary: Binary Refinery is a command-line toolkit designed for the transformation of binary data, focusing on malware triage analysis through various scripts that handle tasks like compression and encryption. It enables users to create flexible processing pipelines by chaining scripts with the piping operator. Key features include the ability to read from stdin and write to stdout, extensive documentation accessible via command-line help, and an emphasis on modular units that perform singular tasks efficiently.

AI Summary: reFlutter is a framework designed for the reverse engineering of Flutter applications by utilizing a modified version of the Flutter library, enabling dynamic analysis and convenient app repacking. Notable features include traffic monitoring and interception capabilities through a patched socket.cc, modifications to display code structure information, and support for manual code changes via a custom Dockerfile. This tool allows users to bypass certain certificate pinning implementations and does not require root access for Android devices, streamlining the app analysis process.

AI Summary: requests-ip-rotator is a Python library designed to leverage AWS API Gateway’s extensive IP pool to generate numerous unique IP addresses for web scraping and brute forcing, enabling users to circumvent IP-based rate limits. The tool automatically randomizes the X-Forwarded-For headers to obscure the client’s true IP while allowing for easy integration with the requests library. Notably, it offers both manual and automatic gateway management methods for user convenience, along with cost-effective usage under AWS’s free tier.

AI Summary: Retrowrite is a static binary rewriter designed for x64 and aarch64 architectures, enabling the insertion of instrumentation into binaries without the need for source code, thereby supporting use cases in fuzzing and sanitization. The tool employs the symbolization technique to ensure zero overhead during binary rewriting and includes features such as AFL-coverage and ASan instrumentation, along with a variant (KRetrowrite) specifically for rewriting Linux kernel modules. Different algorithms and supported features are available for the x64 and arm64 versions, accommodating various binary types and compiler specifications.

AI Summary: Robin is an AI-powered OSINT tool designed for conducting investigations on the dark web, utilizing language models to enhance query refinement and result filtering from various dark web search engines. Its notable features include modular architecture for easy integration of new components, multi-model support for flexible AI interactions, a Streamlit-based web UI for user-friendly navigation, and robust reporting capabilities to save investigation outputs. It is recommended to be deployed using Docker for isolated and efficient operation.

AI Summary: ROPgadget is a tool designed to facilitate Return-Oriented Programming (ROP) exploitation by allowing users to search for gadgets within binary files. It supports multiple file formats (ELF, PE, Mach-O, Raw) and architectures (x86, x64, ARM, ARM64, MIPS, PowerPC, Sparc, RISC-V 64) and employs the Capstone disassembler for efficient gadget identification. Notable features include customizable search parameters, ROP chain generation, and support for various opcode and string searching capabilities.

AI Summary: Scapy is a versatile Python-based tool for interactive packet manipulation that allows users to forge, decode, and analyze packets across various network protocols. Its primary use cases include network scanning, tracerouting, and custom packet crafting, enabling complex tasks such as VLAN hopping and ARP cache poisoning. Notable features include extensive protocol support, intuitive shell interaction, and the ability to easily integrate into automated tests and attacks, making it a comprehensive option for cybersecurity professionals.

AI Summary: Scavenger is an OSINT bot designed to search for sensitive data leaks on paste sites, specifically targeting credentials, private keys, configuration files, and other sensitive information. It features customizable search terms, two operational modes (scraping archives and tracking users), and the ability to scan local folders for sensitive data. The bot effectively organizes crawled pastes into different directories based on detection outcomes, facilitating efficient data management.

README

Scavenger - OSINT Bot - REWORKED

bot in action

AI Summary: Search-That-Hash is a hash cracking automation tool that quickly queries popular online hash databases and utilizes Hashcat for local cracking when offline. It features automatic type identification through integration with Name-That-Hash, a fast search capability, extensibility for adding new hash sources, and an accessible design. Additionally, the tool offers both CLI and JSON API outputs, ensuring flexibility in usage for security professionals.

README

➡️ Discord ⬅️

The Fastest Hash Cracking System
pip3 install search-that-hash && sth

AI Summary: security-tools is a collection of small security utilities developed in Python and Bash, aimed at assisting CTF competitors, bug bounty hunters, penetration testers, and developers. The primary use case is to facilitate various security tasks and streamline the testing process. Notable features include a diverse range of tools tailored for different security challenges and scenarios.

README

security-tools

Small security related tools created in Python and Bash for CTF players, bug bounty hunters, pentesters and developers.

AI Summary: Sandboxed Execution Environment (SEE) is a framework designed for automating tests in secure environments utilizing customizable sandboxes through libvirt. It supports various hypervisors, including QEMU and VirtualBox, and enables modular test platforms by allowing plugin integration for enhanced event-based interaction. Ideal for isolating and managing the execution of potentially dangerous or unstable software, SEE facilitates both quick prototyping and production-level testing.

README

Sandboxed Execution Environment

:Source: https://github.com/F-Secure/see :Documentation: https://see.readthedocs.io :Download: https://pypi.python.org/pypi/python-see

AI Summary: Selenium-Driverless is a Python package that enables web automation using Selenium without the need for a chromedriver, allowing for interactions with sites that commonly employ anti-bot mechanisms like Cloudflare. Its notable features include support for multiple tabs and incognito contexts, proxy authentication, and network interception, making it suitable for use cases that require more advanced browser automation scenarios while maintaining anonymity. The tool is designed primarily for non-commercial use and provides integration with asyncio for asynchronous operations.

AI Summary: Shellen is an interactive shellcoding environment designed for writing and utilizing shellcodes, supporting both assembly and disassembly operations. Leveraging the keystone and capstone engines, Shellen allows users to seamlessly switch between different modes, search syscall tables, and run shellcodes within a subprocess, while providing a user-friendly prompt that displays the current status and architecture. This tool caters primarily to developers and security researchers working with low-level code, making shellcode manipulation intuitive and efficient.

AI Summary: SICAT is a comprehensive vulnerability and exploit finder that streamlines the reconnaissance process by aggregating data from multiple reputable databases based on user-defined keywords, Nmap scan results, or detected web technologies. Notable features include a modern web interface with real-time feedback, detailed HTML reporting with interactive elements, and intelligent keyword generation for enhanced search accuracy, all while supporting multithreaded scanning for optimized performance. This tool significantly aids security professionals in identifying vulnerabilities across various platforms and frameworks.

AI Summary: SIGIT is a modular OSINT CLI tool designed for efficient collection of public information, supporting reconnaissance, security testing, and digital forensics tasks. Its architecture leverages asynchronous programming and parallel scanning to enable fast data gathering across 14 diverse tools, including username checks, IP location services, and SSL certificate analysis. Notable features include a user-friendly command-line interface and a design that minimizes resource leaks through automated session management.

README

AI Summary: Silver is a mass vulnerability scanner that integrates with masscan and nmap to provide rapid, comprehensive TCP port scanning and vulnerability assessment. Notable features include resumable scanning, multi-core utilization, caching of vulnerability data, and integration with Shodan, allowing for efficient parallel processing and streamlined notifications through Slack. Its support for various input formats and customizable scanning options enhances its usability for security assessments across different environments.

README

Silver

Mass Vulnerability Scanner

AI Summary: SIPVicious OSS is a comprehensive toolset designed for auditing SIP-based VoIP systems. Its primary functions include discovering SIP servers, enumerating extensions, and facilitating password cracking through various methods, making it an essential resource for penetration testing of VoIP infrastructures. Notable features include its scanning capabilities (svmap), extension identification (svwar), password cracking (svcrack), session reporting (svreport), and the ability to exploit vulnerabilities in SIP systems (svcrash).

README

Welcome to SIPVicious OSS security tools

AI Summary: SiteDorks is a versatile tool designed for conducting advanced searches across multiple search engines like Google and Bing using predefined dork lists. It simplifies the querying process by allowing users to categorize their search terms and automate input from a default list of 629 dorkable websites. Notable features include the ability to customize searches, manage multiple domain queries easily, and access regularly updated lists for specific countries and categories.

AI Summary: Slowloris is a Python tool designed to execute HTTP Denial of Service attacks against threaded servers by maintaining numerous open connections through periodic header transmissions, thereby exhausting the server’s thread pool. It supports SOCKS5 proxy connections for enhanced anonymity and offers various configuration options such as socket count, random user agents, and logging verbosity to customize the attack parameters. This tool is primarily used for testing the resilience of web servers against DoS attacks.

AI Summary: socid-extractor is a command-line tool and Python library designed for extracting user profile data from various social media and web platforms, storing the information in a machine-readable format. Supporting over 100 methods for different sites, it enables users to retrieve details such as usernames, links, and personal attributes, facilitating use cases in OSINT and user tracking. Notable features include the ability to skip HTTP requests for unknown URLs, batch processing options, and integration capabilities for broader investigative workflows.

AI Summary: Spoilerwall is a network hardening tool that obscures open ports by serving movie spoilers whenever a scan is performed, effectively misleading potential attackers. Its primary use case is to create a deceptive environment that appears vulnerable but instead provides mundane content, deterring unwanted attention and scans. Notable features include customizable spoiler content, easy server setup, and the ability to redirect all TCP traffic to the Spoilerwall service, enhancing security through obfuscation.

AI Summary: Spoofy is a Python-based tool designed to evaluate the spoofability of domains by analyzing their SPF and DMARC records. It features authoritative lookups with a known DNS fallback, accurate bulk processing, and a customizable spoof logic derived from real-world testing, enabling users to conduct comprehensive assessments of domain security configurations. Additionally, Spoofy offers DKIM selector enumeration via API as an optional feature, making it a valuable resource for cybersecurity assessments.

AI Summary: sqlmap is an open-source penetration testing tool designed for automating the detection and exploitation of SQL injection vulnerabilities in web applications. It features a robust detection engine with capabilities such as database fingerprinting, data extraction, file system access, and command execution through out-of-band connections, making it a comprehensive tool for security professionals. The tool is compatible with Python 2.7 and 3.x, ensuring broad platform support.

README

sqlmap

AI Summary: SSH-MITM is a security auditing tool that functions as a man-in-the-middle SSH server, capable of intercepting and analyzing SSH sessions. It supports various authentication methods, including public key and password authentication, along with features like session hijacking, file manipulation during SCP/SFTP transfers, and dynamic port forwarding. Notably, it also includes capabilities for phishing FIDO tokens and auditing clients for known vulnerabilities, making it a versatile solution for security assessments.

AI Summary: SSRF-Testing is a tool designed for testing and exploiting Server Side Request Forgery (SSRF) vulnerabilities. It provides a variety of resources, including quick URL bypass methods, custom HTTP response generation, and a minimal web server setup for testing different response codes across various file types. Notably, it also includes an IP encoding utility to facilitate testing within whitelisted domains.

README

AI Summary: SSTImap is a penetration testing tool designed to identify and exploit Server-Side Template Injection (SSTI) vulnerabilities in web applications. Its notable features include an interactive mode for enhanced exploitation, support for various programming languages and template engines, and a modular plugin architecture allowing for extensibility. The tool enables advanced exploitation techniques, including the use of generic payloads and evaluation scenarios.

README

SSTImap

AI Summary: SubDomainizer is a reconnaissance tool that identifies hidden subdomains and secrets from specified URLs, web pages, and external JavaScript files. It supports various cloud storage services and can detect S3 buckets and CloudFront URLs, potentially exposing vulnerabilities such as open read/write permissions and subdomain takeover risks. The tool is capable of scanning both individual URLs and lists, with a feature for extracting secrets based on keyword searches and Shannon Entropy calculations, although this is currently in beta phase.

AI Summary: Sublert is a Python-based security tool designed for monitoring new subdomains associated with specific organizations by leveraging certificate transparency. It facilitates automated alerts to a Slack workspace for newly identified subdomains and includes functionalities for DNS resolution to verify active subdomains. Key features include periodic monitoring, configuration options for concurrent threads, and logging capabilities.

README

                                   _____       __    __          __
                                  / ___/__  __/ /_  / /__  _____/ /_
                                  \__ \/ / / / __ \/ / _ \/ ___/ __/
                                 ___/ / /_/ / /_/ / /  __/ /  / /_
                                /____/\__,_/_.___/_/\___/_/   \__/

                                    Author: Yassine Aboukir
                                        Version: 1.4.7

AI Summary: SubScraper is a subdomain enumeration tool designed for penetration testers and bug bounty hunters, enabling the discovery of an organization’s attack surface through multiple techniques. It supports DNS resolution, HTTP(S) requests, and CNAME lookups, along with modular support for various data sources and the capability to handle multiple targets. Key features include compatibility with Windows CLI, output formatting in .txt or .csv, and easy extensibility to add new enumeration methods.

AI Summary: Taranis AI is an advanced Open-Source Intelligence (OSINT) tool that utilizes Artificial Intelligence and Natural Language Processing to gather and enhance information from various unstructured data sources, primarily news articles. Its notable features include a streamlined workflow for analysts to convert unstructured data into structured reports, multi-format output capabilities, seamless publication of intelligence products, and experimental support for collaborative threat intelligence via integration with MISP.

README

Taranis AI

AI Summary: The Tata Sky/Play IPTV Script generator is a tool that creates an m3u playlist containing direct streamable files, specifically designed for users with a Tata Sky subscription. It offers both an easy-to-use app and a command-line script for generating the playlist, with features like automatic login credential storage and expiration notifications for the generated playlist. This tool is primarily aimed at facilitating seamless access to subscribed channels through compatible IPTV applications.

AI Summary: The Telegram Channel Scraper is a Python-based tool that enables users to scrape messages and media from Telegram channels using the Telethon library. Key features include real-time scraping, enhanced metadata capture such as message statistics and reactions, smart filtering for channel management, and data export capabilities in CSV and JSON formats. With automatic database migration and a user-friendly interactive menu, it supports efficient channel monitoring and data retrieval.

AI Summary: Tenet is an IDA Pro plugin designed for exploring execution traces of binaries, facilitating a more intuitive navigation of complex execution patterns. It supports bidirectional exploration of traces with visual representation of execution flow, along with features for zooming and setting breakpoints on instructions and memory. This tool is particularly useful for reverse engineers aiming to analyze program behavior and execution contexts in a detailed manner.

README

Tenet - A Trace Explorer for Reverse Engineers

AI Summary: theHarvester is a reconnaissance tool designed for red team assessments and penetration tests, facilitating the gathering of open-source intelligence (OSINT). It collects various types of data such as names, emails, IP addresses, subdomains, and URLs from multiple public sources, enhancing a security professional’s understanding of a domain’s external threat landscape. Notable features include support for numerous passive modules that query different search engines and databases, enabling comprehensive domain analysis and threat enumeration.

AI Summary: theZoo is a live malware repository designed to facilitate malware analysis by providing a comprehensive collection of malware samples and source code for educational and research purposes. It enables users to safely analyze malware behavior in isolated environments, with guidance on precautions for running potentially dangerous samples. Notable features include a user-friendly setup through a Python-based command-line interface and organized access to various malware types for in-depth research.

AI Summary: Thug is a low-interaction honeyclient developed in Python that emulates the behavior of a web browser to detect and analyze client-side attacks by allowing malicious content to exploit its simulated environment. Its primary use case is research and detection of vulnerabilities in client applications, akin to a honeypot but focused on the client side. Notable features include its ability to mimic user interactions and support for detailed analysis of malicious payloads in a controlled setting.

AI Summary: TIDoS is an advanced offensive web application penetration testing framework designed to facilitate comprehensive security assessments by automating tasks across multiple phases, including reconnaissance, scanning, and vulnerability analysis. With over 100 modules and features such as multiprocessing for performance enhancement, a Metasploit-like console interface, and a graphical user interface, TIDoS streamlines the penetration testing process, enabling users to conduct efficient and thorough web application security assessments with minimal configuration. Additional capabilities like Tor integration further enhance anonymity during testing efforts.

AI Summary: tinfoleak is an open-source tool designed for Twitter intelligence analysis, enabling automated extraction and analysis of data based on user identifiers, geographic coordinates, or keywords. It provides comprehensive insights into user activities, account relations, geolocation data, and engagement metrics, making it a valuable resource for intelligence analysts. Notable features include ability to analyze text and media, track user interactions, and monitor digital identities across social networks.

README

tinfoleak

The most complete open-source tool for Twitter intelligence analysis

AI Summary: Tookie-OSINT is an open-source tool designed for username discovery across multiple online platforms, offering a straightforward user interface for ease of use. It aims to facilitate operational security and intelligence gathering for new programmers and penetration testers, achieving an approximately 80% success rate in finding user accounts. Notable features include full reimplementation for enhanced performance and multilingual support.

README

AI Summary: TorBot is an open-source intelligence tool designed for crawling and gathering data from .onion websites on the dark web. Its primary use case involves extracting page titles, saving links in a database, and visualizing link relationships, facilitating user insights into dark web resources. Notable features include the ability to check link status, customize crawling depth, and output results in various formats such as JSON and HTML.

README

                         ████████╗ ██████╗ ██████╗     ██████╗  ██████╗ ████████╗
                         ╚══██╔══╝██╔═══██╗██╔══██╗    ██╔══██╗██╔═████╗╚══██╔══╝
                            ██║   ██║   ██║██████╔╝    ██████╔╝██║██╔██║   ██║
                            ██║   ██║   ██║██╔══██╗    ██╔══██╗████╔╝██║   ██║
                            ██║   ╚██████╔╝██║  ██║    ██████╔╝╚██████╔╝   ██║
                            ╚═╝    ╚═════╝ ╚═╝  ╚═╝    ╚═════╝  ╚═════╝    ╚═╝

                            Open Source Intelligence Tool for the Dark Web

AI Summary: Toutatis is a Python-based tool designed for extracting detailed information from Instagram accounts, such as emails, phone numbers, and user statistics. Its primary use case is to facilitate data retrieval for user analysis or account verification, utilizing either a username or an Instagram ID. Notable features include the ability to access both public and obfuscated contact details, alongside comprehensive profile metrics.

README

Toutatis

👋 Hi there! For any professional inquiries or collaborations, please reach out to me at: megadose@protonmail.com

AI Summary: Trape is an OSINT analysis tool designed for real-time tracking and execution of social engineering attacks, primarily aimed at assisting government organizations, companies, and researchers in identifying cybercriminals. Key features include precise locator optimization, a REST API for remote website monitoring, and capabilities for executing phishing attacks, managing JavaScript injections, and analyzing target network information. The tool emphasizes stealth and user control, allowing for sophisticated manipulation of browser behavior to extract sensitive information covertly.

AI Summary: Un{i}packer is a platform-independent tool designed for the automatic unpacking of Windows Portable Executable (PE) files that have been packed using various runtime packers, thereby facilitating malware analysis. Utilizing the Unicorn Engine for emulation, it effectively handles multiple well-known packers, including ASPack and UPX, and allows for manual input of addresses for less common packers. This tool is particularly beneficial for analysts seeking to bypass challenges posed by malware obfuscation and streamline the unpacking process without requiring a Windows environment.

AI Summary: Unlicense is a Python 3 tool designed to dynamically unpack executables protected by Themida and WinLicense versions 2.x and 3.x, accommodating both 32-bit and 64-bit portable executables (PEs) and .NET assemblies. Its notable features include automatic recovery of the original entry point (OEP) and obfuscated import tables, although it requires a valid license file for certain WinLicense-protected executables and may produce non-runnable dumps. Users can interact with the tool via a command-line interface or a drag-and-drop executable option for ease of use.

AI Summary: Uscrapper Vanta is an open-source intelligence tool designed for advanced data extraction from both the surface web and the dark web, specifically targeting personal information such as email addresses, social media links, and geolocations. Notable features include keyword-based scraping for tailored data extraction, support for .onion domains, and comprehensive reporting capabilities, which transform raw data into actionable insights. The tool employs multithreading and anti-web scraping defenses to enhance its effectiveness in information gathering.

AI Summary: User Scanner is an advanced email and username OSINT tool designed to verify the registration status of emails and the availability of usernames across multiple platforms, including GitHub, X (formerly Twitter), Reddit, and Instagram. It features dual-mode usage for email and username scanning, supports bulk scanning, utilizes wildcard-based username permutations, and provides clear output formats such as JSON and CSV, along with proxy support for enhanced anonymity. The tool’s modular architecture allows for easy integration of new platforms, making it a versatile choice for security professionals and branding efforts.

AI Summary: V3n0M-Scanner is an offensive security framework designed for vulnerability scanning and penetration testing, offering a Python-based toolkit that operates across both Linux and Windows platforms. Notable features include advanced scanning capabilities for SQL injection, local file inclusion to remote code execution, and a Cloudflare resolver, along with extensive target lists and efficient scanning of potentially millions of IPs for known vulnerabilities. The tool is open-source and aims to provide transparency and ease of use for security professionals.

AI Summary: VAmPI is a vulnerable API built on Flask that includes the OWASP Top 10 vulnerabilities for APIs, designed to assess the efficacy of security tools in detecting API-related security issues. It features a global toggle to enable or disable vulnerabilities during testing, along with token-based authentication and a Swagger UI for direct interaction. The tool serves both educational and practical purposes, allowing users to practice security testing and improve their understanding of API vulnerabilities.

AI Summary: VHostScan is a virtual host scanner designed to enhance the discovery of virtual hosts and identify catch-all scenarios, aliases, and dynamic default pages. This tool is particularly useful for penetration testers and security professionals, as it features a modernized codebase, improved wordlists for various environments, robust error handling, and performance optimizations. Notable capabilities include support for both HTTP and HTTPS, customizable wordlist inputs, and the ability to identify new targets through reverse lookups.

AI Summary: Villain is a high-level C2 framework designed for managing multiple reverse TCP and HoaxShell-based shells, allowing users to enhance shell functionality and share features across different instances. Notable features include customizable payload generation, a dynamic pseudo-shell prompt for session management, file upload capabilities, fileless script execution, and a built-in Session Defender to prevent user errors during command input. The tool is primarily aimed at ethical hacking and penetration testing, ensuring users operate within legal boundaries.

AI Summary: ViperMonkey is a Python-based VBA emulation engine specifically designed for the analysis and deobfuscation of malicious VBA macros found in Microsoft Office files. Its primary use case is aiding cybersecurity professionals in identifying and understanding obfuscated malware by executing VBA scripts in a controlled environment. Notable features include its integration with Docker for ease of installation and enhanced performance when utilizing PyPy, although it also operates with traditional Python interpreters.

AI Summary: Vivisect is a versatile framework that integrates disassembly, static analysis, symbolic execution, and debugging capabilities, designed for use in cybersecurity tasks. Its primary use case is to facilitate in-depth analysis of binary executables, assisting researchers and security professionals in vulnerability discovery and exploitation analysis. Notable features include Python 3 compatibility, a graphical user interface, and seamless integration with documentation for enhanced usability.

README

Vivisect / Vdb / Vtrace

A combined disassembler/static analysis/symbolic execution/debugger framework.

AI Summary: vmlinux-to-elf is a tool designed to convert vmlinux, vmlinuz, bzImage, or zImage kernel images into fully analyzable ELF files, recovering function and variable symbols from compressed kernel symbol tables. Its primary use case is embedded systems reverse engineering, enabling users to analyze the resulting ELF files with tools such as IDA Pro and Ghidra. Notable features include automatic detection and unpacking of the main compression formats used in Linux kernels, as well as a graphical user interface for enhanced usability.

AI Summary: VulnX is an intelligent bot designed for automatic shell injection that identifies vulnerabilities across various content management systems (CMS). Key features include multi-threaded vulnerability scanning, target information gathering, subdomain enumeration, and the ability to search for exploits using dorks, which streamline the injection process as opposed to manual methods. The tool supports multiple CMS platforms, enhancing its usability for security assessments and penetration testing.

README

VulnX

Vulnx 🕷️ is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms

AI Summary: WebKiller V2 is a Python-based tool designed for information gathering and CMS detection in web applications. Its primary use case is to aid cybersecurity professionals in identifying vulnerabilities and obtaining crucial data about target websites. Notable features include a user-friendly command-line interface, compatibility with multiple operating systems, and comprehensive installation instructions.

README

WebKiller V2

Tool Information Gathering Write With Python.

PreView

    
 ██╗    ██╗███████╗██████╗ ██╗  ██╗██╗██╗     ██╗     ███████╗██████╗ 
 ██║    ██║██╔════╝██╔══██╗██║ ██╔╝██║██║     ██║     ██╔════╝██╔══██╗
 ██║ █╗ ██║█████╗  ██████╔╝█████╔╝ ██║██║     ██║     █████╗  ██████╔╝
 ██║███╗██║██╔══╝  ██╔══██╗██╔═██╗ ██║██║     ██║     ██╔══╝  ██╔══██╗
 ╚███╔███╔╝███████╗██████╔╝██║  ██╗██║███████╗███████╗███████╗██║  ██║
 ╚══╝╚══╝ ╚══════╝╚═════╝ ╚═╝  ╚═╝╚═╝╚══════╝╚══════╝╚══════╝╚═╝  ╚═╝
 ====================================================================
 **                  WebSite : UltraSec.org                        **
 **                  Channel : @UltraSecurity                      **
 **                 Developers : Ultra Security Team               **
 **                   Thank's : .::Shayan::.                       **
 ====================================================================          
          
 [$] Choose one of the options below 

 [1] Information Gathering

 [2] CMS Detection

 [3] Developer :)

 [4] Exit . . .

 ┌─[WEBKILLER~@HOME]
 └──╼ $ 

Operating Systems Tested

• Kali Linux 2020.1
• Windows 10
• Ubuntu 19.10

Install

git clone https://github.com/ultrasecurity/webkiller.git
cd webkiller
pip3 install -r requirements.txt
python3 webkiller.py 

ScreenShot

AI Summary: Weird Proxies is a comprehensive cheat sheet designed to document the behaviors and vulnerabilities of various reverse proxies, cache proxies, and load balancers. The tool serves as a resource for security professionals analyzing potential security threats and related attack vectors associated with commonly used proxy technologies like Nginx, Apache, and AWS. Notable features include detailed analyses and links to additional research articles, offering practical insights for understanding weaknesses in proxy configurations.

AI Summary: WeirdAAL (AWS Attack Library) is a tool designed for simulating and performing various attack scenarios specifically targeting Amazon Web Services environments. Its primary use case is to aid security professionals in understanding and mitigating potential vulnerabilities within AWS by utilizing a comprehensive collection of attack vectors. Notable features include extensive documentation and potential integration with other security testing frameworks.

README

WeirdAAL (AWS Attack Library)

WeirdAAL (AWS Attack Library)

AI Summary: Windows Exploit Suggester - Next Generation (WES-NG) is a vulnerability assessment tool for Windows operating systems from XP to 11, leveraging the output of the systeminfo utility to identify potential vulnerabilities and applicable exploits. The tool supports multiple methods for patch assessment and incorporates a database updated from various security sources, including the Microsoft Security Update API. Notable features include the ability to validate missing patches against Microsoft’s Update Catalog and a collector for maintaining an up-to-date vulnerability database.

AI Summary: WhatBreach is an OSINT tool designed to identify and aggregate data on email breaches from various sources, enabling users to assess the security status of one or multiple email addresses. Key features include integration with APIs like haveibeenpwned.com for breach detection, dehashed.com for database searches, and additional functionality for domain investigation and pastes analysis from platforms such as Pastebin. The tool also supports request throttling to prevent service blocking, customizable output directories for data downloads, and verification of email deliverability.

AI Summary: WhatsApp Beacon is an OSINT tracking tool designed to monitor the online status of specific WhatsApp contacts, storing session data in SQLite for analysis. It features automated installation, headless operation, and advanced analytics capabilities, including exporting data to Excel and generating detailed HTML reports with visualizations. This tool emphasizes ethical use for educational and research purposes.

README

🕵️‍♂️ WhatsApp Beacon (OSINT Tracker)

WhatsApp Beacon tracks when specific WhatsApp contacts go online and stores every completed session in SQLite. It can export to Excel, generate a polished analytics dashboard, and run fully headless once the session is authenticated.

AI Summary: WhatsMyName is an open-source tool designed for OSINT practitioners to identify whether specific usernames are registered on various websites, using a central JSON data file of accessible sites that adhere to specific URL format criteria. The project has shifted its focus from direct username checking scripts to maintaining and enhancing its dataset, which supports various third-party tools and extensions for username validation across diverse platforms. Notable features include community-driven contributions, compatibility with multiple user-checking tools, and the ability to integrate with user-friendly web interfaces and applications.

AI Summary: Wifi-deauth is a cybersecurity tool designed to perform denial-of-service (DoS) attacks by disconnecting all devices from a targeted Wi-Fi network without requiring the network’s password. It operates by sending spoofed deauthentication packets to both the access point and its connected clients, with the capability to operate across multiple channels simultaneously, supporting both 2.4GHz and 5GHz bands. Notable features include the ability to filter attacks by specific SSIDs or BSSIDs, optional usage of multiple interfaces, and tailored channel scanning to enhance attack efficacy.

AI Summary: Wifi-Hacking is a cybersecurity tool designed to penetrate and retrieve Wi-Fi passwords using various methods, including scanning networks, capturing handshakes, and employing WPS attacks. Its notable features include the ability to start and stop monitor mode, create custom wordlists for cracking, and support for multiple Linux-based operating systems, making it versatile for penetration testing and educational purposes. Users are cautioned to utilize this tool responsibly and ethically.

README

AI Summary: WitnessMe is a versatile web inventory tool designed for efficient scanning and data gathering, primarily utilizing headless Chromium via the Pyppeteer library. It excels in processing large Nessus and NMap XML files, generates CSV and HTML reports, and features a RESTful API for remote scanning and extensibility to accommodate custom functionalities. With additional capabilities like HTTP proxy support, signature scanning through YAML files, and terminal screenshot previews, WitnessMe stands out for providing a comprehensive workflow without significant installation challenges.

AI Summary: WPeChatGPT is an IDA plugin that leverages OpenAI’s gpt-3.5-turbo model to assist analysts in evaluating binary files. Its primary use case includes analyzing binary functions for their intended purpose, renaming variables, restoring functions using Python, identifying vulnerabilities, and automatically generating exploits for those vulnerabilities. Notable features include support for automatic analysis of binary files through Auto-WPeGPT and the ability to work seamlessly within the IDA environment using various shortcuts and menu options.

AI Summary: WPForce is a comprehensive suite of tools designed for attacking WordPress installations, primarily focusing on brute-forcing login credentials via the API. Its notable features include the ability to automatically upload interactive shells post-authentication, dump WordPress password hashes, and pivot to a meterpreter session, making it suitable for penetration testing and post-exploitation scenarios. The tool leverages multi-threading to optimize the brute-force attack process while providing options for verbose output and error debugging.

AI Summary: X-osint is an open-source OSINT tool designed for gathering credible information related to phone numbers, email addresses, and IP addresses, with additional features planned for future updates. Notably, it includes functionalities for IP and email information gathering, metadata extraction from images and files, subdomain enumeration, and DNS lookups, among others. The tool is built using Python and Bash and is maintained actively, ensuring regular updates and enhancements.

README

X-osint

This is an osint tool which gathers useful and yet credible valid information about a phone number, user’s email address and ip address and more to come in future updates

AI Summary: xeuledoc is a Python tool designed for retrieving metadata and information from various types of public Google documents, including Google Drive files, Google Docs, Sheets, Slides, Drawings, My Maps, Apps Script, and Jamboard. Notable features include ease of installation via PyPI and GitHub, and the ability to handle multiple Google document formats, making it a versatile solution for information extraction from Google’s platform.

README

xeuledoc

AI Summary: XMiR-Patcher is a firmware patching tool specifically designed for Xiaomi routers, facilitating the modification of router firmware for enhanced functionality. It supports both Windows and Linux/Mac operating systems, requiring Python 3.8+ and OpenSSL for operation. Notable features include straightforward execution through batch and shell scripts, making it accessible for users across different platforms.

README

XMiR-Patcher

Firmware patcher for Xiaomi routers

Usage

Windows

• Run run.bat

Linux / Mac OS

• Install python 3.8+ and openssl
• Run run.sh

Donations

AI Summary: XSSer is an automated framework designed for the detection, exploitation, and reporting of Cross-Site Scripting (XSS) vulnerabilities in web applications. It features over 1300 pre-installed XSS attack vectors, sophisticated techniques for bypassing various web application firewalls (WAFs) and browsers, and is capable of operating on multiple platforms with dependencies on Python and essential libraries such as Selenium and BeautifulSoup.

README

• Web: https://xsser.03c8.net

Cross Site “Scripter” (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

AI Summary: Xteam is a multifunctional tool designed for information gathering and security testing, primarily targeting Instagram data extraction, Android lockscreen cracking, and phishing methods. It includes features for wireless attacks and provides an update script to enhance its capabilities. The tool operates on Termux and Kali Linux, requiring no root access for installation.

README

Xteam tool

AI Summary: yarGen is a YARA rule generator designed to create rules based on strings extracted from malware files while filtering out strings common to goodware, thereby enhancing detection capabilities. Notable features include the integration of a naive-Bayes classifier for improved string selection, opcode processing from PE files, and support for additional conditions using the pe module. The tool also allows for output tailored for AI processing by appending instructions to generated rules when using the --ai flag.

AI Summary: Yark is a YouTube archiving tool designed to simplify the process of downloading and managing video content and metadata from YouTube channels. Its primary use case is to create and maintain local archives of videos, allowing users to refresh and view their collections offline, complete with timeline reports and commenting features. Notable features include an easy-to-use command line interface, support for rich history and stats visualization, and a robust directory-based archive structure that preserves deleted or private videos.

AI Summary: Yes, it’s me! is a Python-based Open Source Intelligence (OSINT) tool designed to locate Instagram profiles via name, email, or phone number. It effectively utilizes indexing from dumpor.com to fetch usernames associated with a specified name and compares them against provided obfuscated contact details, enabling streamlined online investigations. Notable features include multi-level match scoring, customizable request timeouts, and support for partial inputs to enhance user anonymity.

README

AI Summary: Zehef is an OSINT tool designed to gather public information on targeted email addresses. Its primary use case includes checking if an email is associated with any data breaches, pastes on platforms like Pastebin, and identifying linked social media accounts across various services. Notable features include email combination generation and integration with breach detection services like HudsonRock.

README

Z e h e f

AI Summary: Zero Attacker is a suite of ethical hacking tools designed for penetration testing and includes both free and paid advanced tools. It offers a user-friendly interface for quick setup and execution via Python, with additional features available upon request through their Discord server. The tool emphasizes community engagement and support, aiming to facilitate a comprehensive hacking experience for users.

README

Zero Attacker

launching new version beta testing is here add me on discord .asjad asap