the only cheat sheet you need

Impacket is a collection of Python classes for working with network protocols.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Web path scanner

CTF framework and exploit development library

E-mails, subdomains and names Harvester - OSINT

Credentials recovery project

An open-source post-exploitation framework for students, researchers and developers.

A swiss army knife for pentesting networks

Count the number of people around you 👨‍👨‍👦 by monitoring wifi signals 📡

Hide screen when boss is approaching.

Web application fuzzer

Open Source Vulnerability Management Platform

P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.

IntelOwl: manage your Threat Intelligence at scale

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.

UAC bypass, Elevate, Persistence methods

Know the dangers of credential reuse attacks.

Wiki-like CTF write-ups repository, maintained by the community. 2014

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

Sniffs sensitive data from interface or pcap

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Pop shells like a master.

A tool to analyze multi-byte xor cipher

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Security Tool to Look For Interesting Files in S3 Buckets

LinkedIn Recon Tool

PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2

Steal Net-NTLM Hash using Bad-PDF