Docker-based platform for conducting MiTM attacks using Responder, NTLMRelayX, and Empire

A default credential scanner.

Wordlist, rules and masks from Kaonashi project (RootedCON 2019)

BugBuntu Linux

A fast TCP/UDP tunnel over HTTP

✨ Magical shell history

A tool for adding new lines to files, skipping duplicates

This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the hi…

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!

Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.

Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, all the possible IPs, PORTs and SSL/TLS Certs are searched to …

SolarWinds Orion Account Audit / Password Dumping Utility

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

A utility to detect various technology for a given IP address.

The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

Fast web fuzzer written in Go

🤖 The Modern Port Scanner 🤖

Various *nix tools built as statically-linked binaries

A golang utility to spider through a website searching for additional links.

Username enumeration and password spraying tool aimed at Microsoft O365.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Bruteforcing from various scanner output - Automatically attempts default creds on found services.

Urls status code & content length checker

Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

A highly customised CTF, bounty hunting & penetration testing environment based on the official kali-rolling docker image

Mass scan IPs for vulnerable services

Parsing HTML at the command line

A list of useful payloads and bypass for Web Application Security and Pentest/CTF