Stars
This tool can be used to brute discover GET and POST parameters
Automated All-in-One OS Command Injection Exploitation Tool.
PNPT Exam Preparation - TCM Security
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Official DeepSound repository migrated from jpinsoft.net. DeepSound is a freeware steganography tool and audio converter that hides secret data into audio files. The application also enables you to…
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital Forensics, Incident Response, Malware Analysis and Threat Hunting.
All the deals for InfoSec related software/tools this Black Friday
Script to root AVDs running with QEMU Emulator from Android Studio
A Magisk/KernelSU module that automatically adds user certificates to the system root CA store
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
A suite of Tools to aid Incidence Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell)
Bloodhound Reporting for Blue and Purple Teams
PowerSploit - A PowerShell Post-Exploitation Framework
A list of Capture The Flag (CTF) frameworks, libraries, resources and software for started/experienced CTF players 🚩
CTF framework and exploit development library
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Free VMware Workstation Pro 17 full license keys. We've meticulously organized thousands of keys, catering to all major versions of VMware Workstation Pro 17 Choose from our curated selection to en…
Fetch all the URLs that the Wayback Machine knows about for a domain
Web recon script. No need to fear, sumrecon is here!
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
Take a list of domains and probe for working HTTP and HTTPS servers
In-depth attack surface mapping and asset discovery
Find domains and subdomains related to a given domain
Collection of steganography tools - helps with CTF challenges
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
Educational, CTF-styled labs for individuals interested in Memory Forensics
Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process Enivornment Block) and displays the collected information and…