Threat Emulation and Red Teaming Framework, The Hacking Software for normal people.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

hydra

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Here is a simple way to evade anti-virus …

Undetectable Windows Payload Generation

A list of interesting payloads, tips and tricks for bug bounty hunters.

A list of useful payloads for Web Application Security and Pentest/CTF

The Web Application Hacker's Handbook - Extra Content

Software for fuzzing, used on web application pentestings.

A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

🔪 this repo contains required files for web application pentests

Docker toolbox for pentest of web based application.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A OWASP Based Checklist With 500+ Test Cases

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Scripted Local Linux Enumeration & Privilege Escalation Checks

Linux enumeration tool for pentesting and CTFs with verbosity levels

Notes Taken for HTB Machines & InfoSec Community.

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.

CTF Cheat Sheet + Writeups / Files for some of the Cyber CTFs that I've done

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥