reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

🔎 Hunt down social media accounts by username across social networks

Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.

ScanT3r - Module based Bug Bounty Automation Tool

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Web path scanner

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

The all-in-one Red Team extension for Web Pentester 🛠

Find secrets and passwords in container images and file systems

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Fast CLI DNS Lookup Tool

E-mails, subdomains and names Harvester - OSINT

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

An enterprise friendly way of detecting and preventing secrets in code.

Collection of malware source code for a variety of platforms in an array of different programming languages.

Pollyware is a piece of malware I developed for the purpose of giving the malware controller the ability to get the system information for that specific machine.

An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

Remote control software, supported Windows/Unix/MacOS/Linux(x86/x64/mips/arm)

Cookies and passwords stealer in just 2 lines. Sending to Telegram.

A high performance offensive security tool for reconnaissance and vulnerability scanning

XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning.

🔑 Stealer written on C#, logs will be sent to Telegram bot.

Find leaked secrets via github search

NoSQL Injection Tool to bypass login forms & extract usernames/passwords using regular expressions.

A simple and scalable Android bot emulation framework, as presented at Black Hat Europe 2021's Arsenal, as well as atHack 2021's Arsenal

Client of Richkware-Manager-Server, that obtains list of all hosts and is able to send commands to do at each of them.