f-alpha5 Goto Github PK

impost3r

👻Impost3r -- A linux password thief

interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

intruderpayloads

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

keyfinder

Keyfinder🔑 is a tool that let you find keys while surfing the web!

metasploit-framework

Metasploit Framework

minimalistic-offensive-security-tools

A repository of tools for pentesting of restricted and isolated environments.

open-redirect-scanner

open redirect subdomains scanner

open_redirect_payload_list

Open Redirect Vulnerability Payload List

oscp-exam-report-template-markdown

:orange_book: OSCP Exam Report Template in Markdown

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

postmessage-tracker

A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

powerlevel10k

A Zsh theme

powersploit

PowerSploit - A PowerShell Post-Exploitation Framework

pwdb-public

A collection of all the data i could extract from 1 billion leaked credentials from internet.

pwn-machine

The Pwning Machine

reconpi

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

rengine

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.

resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

rmiscout

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sharingan

Offensive Security recon tool

sploits

subfinder

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

subscraper

Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomains to enumerate a list of subdomains for a given URL.

sudo_killer

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo

tiny-xss-payloads

A collection of tiny XSS Payloads that can be used in different contexts.

weird_proxies

Reverse proxies cheatsheet

win-brute-logon

Crack any Microsoft Windows users password without any privilege (Guest account included)

wuzz

Interactive cli tool for HTTP inspection