Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty...
Nmap Automator is a great tool for initial port scans of a given ip address. It automates the scan techniques which I...
Turbolist3r is a subdomain enumeration tool which can identify subdomain takeovers. It is heavily based on sublist3r: https://latesthackingnews.com/2016/01/27/sublist3r-free-tool-to-enumerate-subdomains-for-pentester/ Installation and usage git...
Web Screenshot – webscreenshot.py is a great tool which comes in handy when a penetration tester needs to quickly identify potential vulnerabilities...
Final Recon is a useful tool for gathering data about a target from open source resources, the tool is written in Python3....
Damn Small XSS Scanner (DSXS) is a great tool for finding cross site scripting vulnerabilities, the tool has been developed in Python...
BoomER is a Command-line interface python open-source framework fully developed in Python 3.X for post-exploitation of targets with the objective to exploit...
4CAN V2 is a Raspberry Pi project created by the Cisco team in order to test the security of cars via the...
Salsa-tools is a collection of three tools programmed with C# used to take over a windows machine and bypass AV and get...
Aquatone is a tool programmed by go-lang to inspect domains/check their status and also provide screenshots of the hosts it supports with...
Powershell-RAT is a Python and Powershell script tool that has been made to help a pen tester during red team engagements to backdoor...
Malware showcase is a Github repository that contains examples of malware usage and behavior, this repo should be used only for educational...
DumpsterFire is an open-source tool made by blue team member to edit create and control dumpster payloads in order to create surface...
CMSeek is an open-source tool that analyzes the regex of websites in order to detect flaws and content management system used like...
SniffAir is an open source tool made for sophisticated wireless attacks and data capture, it handle all types of pcap files and...
Definition Whatweb is web scanner written in Ruby to identify and recognise technologies used by a website including CMS, blogging platforms, statistic/analytics...
Wifi Pumpkin is a security audit framework used to test the security of wifi against threats like man in the middle attacks....
TheFatRat is an easy to use tool which helps in generating backdoors, system exploitation, post exploitation attacks, browser attacks, DLL files, FUD...
Spiderfoot is an open-source tool used for reconnaissance. It is capable of gathering open-source information which can be further used for investigations...
AutoRecon is an enumeration tool that performs automated enumeration with multi-threaded capabilities. It is purposely built to be used for CTFs, exams...
BeRoot is a post-exploitation tool to check for common misconfigurations which can allow an attacker to escalate their privileges. The main goal...