ipsets dynamically updated with firehol's update-ipsets.sh script

Linux anti-debugging and anti-analysis rust library

0day Windows/x64 Inject All Processes With Meterpreter Reverse Shell Shellcode (655 bytes)

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

☕ A practical event-driven microservices demo built with Golang. Nomad, Consul Connect, Vault, and Terraform for deployment

🕳 godoh - A DNS-over-HTTPS C2

📱 objection - runtime mobile exploration

✉️ HTML Smuggling generator&obfuscator for your Red Team operations

🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.

Docker Remote API Scanner and Exploit

📊 Adana - 1-click analytical dashboard for OSINT researchers

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Nuclei AI - Browser Extension for Rapid Nuclei Template Generation

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A curated list of various bug bounty tools

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, si…