Penetration Testing

PayloadsAllTheThingsPython

A comprehensive collection of payloads and bypass techniques for web application security testing and penetration testing.

PayloadsAllTheThingsPython

A comprehensive collection of payloads and bypass techniques for web application security testing and penetration testing.

SecListsPHP

A comprehensive collection of security testing wordlists and payloads for penetration testers and security researchers.

mitmproxyPython

An interactive TLS-capable intercepting HTTP proxy for penetration testing and software development.

Metasploit FrameworkRuby

An open-source penetration testing framework for developing and executing exploit code against remote targets.

Metasploit JavaScript ObfuscatorRuby

An open-source penetration testing framework for developing and executing exploit code against remote targets.

SQLMapPython

An open-source penetration testing tool that automates SQL injection detection and database takeover.

NucleiGo

A fast, customizable vulnerability scanner with a YAML-based DSL, powered by a global security community.

Awesome Pentest

A curated collection of penetration testing tools, resources, and educational materials for offensive cybersecurity professionals.

mimikatzC

A Windows security tool for extracting credentials, hashes, and Kerberos tickets from memory and performing various post-exploitation techniques.

Mobile-Security-Framework MobSFJavaScript

An automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis, and security assessment framework.

rustscanRust

A modern, fast port scanner with a scripting engine and adaptive learning, capable of scanning all 65k ports in 3 seconds.

RustScanRust

A modern, fast port scanner that finds all 65k ports in 3 seconds and features a scripting engine for extensibility.

RustScanRust

A modern, fast port scanner with a scripting engine that can scan all 65k ports in 3 seconds.

BettercapGo

A portable, extensible framework for network reconnaissance and MITM attacks on WiFi, BLE, HID, CAN-bus, IPv4, and IPv6 networks.

Hacking

A curated collection of hacking tutorials, tools, and resources for security education and penetration testing.

Awesome Hacking

A curated collection of hacking tutorials, tools, and resources for security professionals and enthusiasts.

lynisShell

A security auditing and hardening tool for UNIX-based systems, performing in-depth scans and compliance testing.

Hacker Roadmap

A comprehensive collection of hacking tools, resources, and references for learning and practicing ethical hacking and penetration testing.

ZapJava

A free, open-source web application security scanner for finding vulnerabilities during development and testing.

XSStrikePython

An advanced XSS detection suite that uses context analysis and intelligent payload generation to find vulnerabilities.

setoolkitPython

An open-source penetration testing framework for social engineering with custom attack vectors to create believable attacks quickly.

wifiphisherPython

A rogue Access Point framework for conducting Wi-Fi security testing and phishing attacks during red team engagements.

SubFinderGo

A fast, passive subdomain enumeration tool for security researchers and penetration testers.

PwntoolsPython

A Python CTF framework and exploit development library designed for rapid prototyping and security research.

Web Security

A curated collection of web security resources, tools, and research materials for learning penetration techniques.

RoutersploitPython

An open-source exploitation framework dedicated to embedded devices for penetration testing and vulnerability assessment.

John The JumboC

An advanced offline password cracker supporting hundreds of hash and cipher types across multiple platforms.

PowerSploitPowerShell

A PowerShell post-exploitation framework for penetration testers, providing modules for code execution, persistence, reconnaissance, and credential theft.

OWASP Mobile Security Testing GuidePython

A comprehensive manual for mobile app security testing and reverse engineering, aligned with OWASP MASVS and MASWE.

PhotonPython

An incredibly fast web crawler designed for OSINT (Open Source Intelligence) data extraction.

NmapC

A free and open-source network discovery and security auditing tool for mapping networks and identifying services.

Sublist3rPython

A Python tool for fast subdomain enumeration using OSINT and bruteforce, designed for penetration testers and bug hunters.

beefJavaScript

A penetration testing framework that exploits web browsers as beachheads for client-side attacks.

webshellPHP

A collection of webshell scripts in various languages for security testing and research purposes.

ESP32MarauderC++

A suite of WiFi and Bluetooth offensive and defensive security tools for the ESP32 microcontroller.