A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

OpenAssistant is a chat-based assistant that understands tasks, can interact with third-party systems, and retrieve information dynamically to do so.

Some handy bash scripts I use for the OSCP

A compact guide to network pivoting for penetration testings / CTF challenges.

Yet another general purpose discord bot

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (D…

A checklist to help students track their OSCP exercise progress.

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

A swiss army knife for pentesting networks

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Russia / Ukraine 2022 conflict related IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake

Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course

Directory/File, DNS and VHost busting tool written in Go

iOS Logs, Events, And Plist Parser

Nikto web server scanner

Codebase to generate an msdt-follina payload

Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.

A collection of hacking / penetration testing resources to make you better!

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Metasploit Framework

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

Unified repository for different Metasploit Framework payloads

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

The OWASP ZAP core project

Application Security Verification Standard

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digi…

Automated Adversary Emulation Platform

Empire is a PowerShell and Python 3.x post-exploitation framework.