The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

Find, verify, and analyze leaked credentials

Yar is a tool for plunderin' organizations, users and/or repositories.

ncurses-grep: interactively navigate grep-like results

A Complete Osint Tool 🔍

Pentesting Reporting Tool

Pentesting automation platform that combines hacking tools to complete assessments

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

A REXX based mastodon reader for MVS 3.8j

GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.

NVR with realtime local object detection for IP cameras

A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

A simple zero-config tool to make locally trusted development certificates with any names you'd like.

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Fast and lightweight Web Application Firewall Fingerprinting tool

Basic fuzzing instrumentation for windows processes.

An application to catch, search and analyze HTTP secure headers.

Collections of Orange Tsai's public presentation slides.

A Powershell incident response framework

OWASP API Security Project

Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.

Adversary Emulation Framework

Python AV Evasion Tools

Covid-19 tweets

Open-Source Phishing Toolkit

Collection of Cyber Threat Intelligence sources from the deep and dark web

Attack Surface Management & Red Team Simulation Platform 互联网攻击面管理&红队模拟平台