Ferramenta avançada de análise forense, recuperação de repositórios Git e outros artefatos expostos publicamente na web via HTTP, perfeita para aquele recon de respeito

PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Beyond enumeration: Automated identity triangulation and cognitive profiling for modern OSINT investigations. 🕵️‍♂️🧠

Hunt down social media accounts by username across social networks

Open Source Vulnerability Management Platform

Why is this running?

Stealth Blue Team Security Audit Framework

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

This repo has a collection of scripts and exploits for OSCP-style labs. It covers enumeration, exploitation, web testing, and reverse shells.

PDF Reader in JavaScript

NeuroSploitv2 is an advanced, AI-powered penetration testing framework designed to automate and augment various aspects of offensive security operations. Leveraging the capabilities of large langua…

Context-aware Nmap reconnaissance framework with traffic intelligence and AD awareness

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot), sqlite, excel and d2-lang. Simply put it's nmap converter.

A mostly-serverless distributed hash cracking platform

This GitHub repo is a powerhouse collection of scraping APIs for developers that you can start using immediately to build everything from simple automations to full-scale applications.

Manage and configure Akamai from the Command Line.

rep+ — Burp-style HTTP Repeater for Chrome DevTools with built‑in AI to explain requests and suggest attacks

CVE-2025-55182 POC

WebSift is an OSINT ethical hacking tool designed to scrape and extract emails, phone numbers, and social media links or other URLs from websites. It is developed for Termux and Linux-based systems

Script to quick check CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) - Critical unauthenticated RCE vulnerabilities in the React Server Components (RSC) “Flight” protocol.

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

AutoPentestX – Linux Automated Pentesting & Vulnerability Reporting Tool

The pattern matching swiss knife

AI-Powered Dark Web OSINT Tool

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation b…