A list of public penetration test reports published by several consulting firms and academic security groups.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Automate the creation of a lab environment complete with security tooling and logging best practices

8 Lessons, Kick-start Your Cybersecurity Learning.

Social engineering tool [Access Webcam & Microphone & Location Finder] With {Py,JS,PHP}

Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

A collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics.

Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Post Exploitation Wiki

Weaponized Browser-in-the-Middle (BitM) for Penetration Testers

A RedTeam Toolkit

HTML smuggling is not an evil, it can be useful

This is a collection of phishing templates and a landing page to be used with goPhish

IPFuscator - A tool to automatically generate alternative IP representations

A crossplatform mDNS enumeration tool.

A library of pretexts to use on offensive phishing engagements.

Wiegand data logger, replay device and micro door-controller

An open-source self-hosted purple team management web application.

Secret Magpie - Secret Detection Tool

A vast collection of security tools and resources curated by the community.

Collection of tools to use with Azure Applications

OSDP attack tool (and the Elvish word for friend)