Lists (1)
Stars
⚙️ NGINX config generator on steroids 💉
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
Web Extension for saving a faithful copy of a complete web page in a single HTML file
💻 Democratizing Snippet Management (macOS/Win/Linux)
A curated list of CTF frameworks, libraries, resources and softwares
🚀 The jQuery plugin that brings select elements into the 21st century with intuitive multiselection, searching, and much more.
Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Ap…
A collaborative, multi-platform, red teaming framework
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
❇️ Lovelace button-card for home assistant
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
SimplE RePort wrIting and COllaboration tool
A mostly-serverless distributed hash cracking platform
Flask Admin customized using AdminLTE bootstrap template and flask security to offer a better Dashboard UX
My personal cheat sheet for using WinDbg for kernel debugging
CA Optics - Azure AD Conditional Access Gap Analyzer
Spoof emails from any of the +2 Million domains using MailChannels (DEFCON 31 Talk)
Collection of macOS persistence methods and miscellaneous tools in JXA
Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)
Templates for the King Phisher open source phishing campaign toolkit.
Jbin will gather all the URLs from the website and then it will try to expose the secret data from them such as API keys, API secrets, API tokens and many other juicy information.
HTTP(s) Screenshots for Pen Testers Who Value Their Time
A CLI tool which can be used to inject JavaScript into arbitrary Chrome origins via the Chrome DevTools Protocol
A VSCode plugin to assist with BOF development.
Sort Github fork lists by the number of stars and commits ahead from the source repo.