One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

Redis 4.x/5.x RCE

Tools, utilities and scripts to help you write redis modules!

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

Next generation web scanner

Web application fuzzer

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to …

Directory/File, DNS and VHost busting tool written in Go

bash poc scripts to exploit open fpm ports

Fast web fuzzer written in Go

Network Infrastructure Penetration Testing Tool

Nikto web server scanner

Nmap - the Network Mapper. Github mirror of official SVN repository.

Swaks - Swiss Army Knife for SMTP

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

A fast TCP/UDP tunnel over HTTP

OSCP Cheat Sheet

PowerShell for Pentesters

Red Team Scripts by d0nkeys (ex SnadoTeam)

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

C# Script used for Red Team

Collection of Offensive C# Tooling

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Collection of the cheat sheets useful for pentesting

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

A collection of hacking / penetration testing resources to make you better!

Tools & Interesting Things for RedTeam Ops

A tool to analyze multi-byte xor cipher