| archivebox |
903.59da482 |
The open source self-hosted web archive. Takes browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more. |
|
| arybo |
65.89d9a42 |
Manipulation, canonicalization and identification of mixed boolean-arithmetic symbolic expressions. |
|
| aspisec |
0.1.0 |
Removes the traces left by offensive security tools. |
|
| aurebeshjs |
77.75a8fc6 |
Translate JavaScript to Other Alphabets. |
|
| avml |
v0.6.1.r11.g155f084 |
A portable volatile memory acquisition tool for Linux. |
|
| base64dump |
0.0.14 |
Extract and decode base64 strings from files. |
|
| bettercap-ui |
1.3.0 |
Official Bettercap's Web UI. |
|
| bqm |
v1.5.1.r5.ge287280 |
Download BloudHound query lists, deduplicate entries and merge them in one file. |
|
| catana |
31.9ea1f0d |
Filter your wordlist according to the specified password policy. |
|
| centry |
72.6de2868 |
Cold boot & DMA protection |
|
| checkiban |
0.2 |
Checks the validity of an International Bank Account Number (IBAN). |
|
| cisco-router-config |
1.1 |
Tools to copy and merge Cisco Routers Configuration. |
|
| cloakify |
117.f45c3b3 |
Data Exfiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Evade AV Detection. |
|
| cracken |
v1.0.1.r0.g7a325ff |
A ast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust. |
|
| credmap |
116.d862247 |
The Credential mapper - Tool that was created to bring awareness to the dangers of credential reuse. |
|
| ctf-party |
v3.0.0.r39.gb0c58df |
A CLI tool & library to enhance and speed up script/exploit writing for CTF players. |
|
| cve-api |
170.8e9c247 |
Unofficial api for cve.mitre.org. |
|
| dbd |
61.8cf5350 |
A Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. |
|
| densityscout |
45 |
Calculates density for files of any file-system-path to finally output an accordingly descending ordered list. |
|
| depix |
38.f7d1850 |
A tool for recovering passwords from pixelized screenshots. |
|
| der-ascii |
93.de4197e |
A reversible DER and BER pretty-printer. |
|
| dhcdrop |
0.5 |
Remove illegal dhcp servers with IP-pool underflow. |
|
| dnsgen |
v1.0.4.r10.gbaadcce |
Generate combination of domain names from the provided input. |
|
| domlink |
37.1cabd5d |
A tool to link a domain with registered organisation names and emails, to other domains. |
|
| dsd |
91.7ee04e5 |
Digital Speech Decoder |
|
| dsd-fme |
2024 |
Digital Speech Decoder - Florida Man Edition. |
|
| dumpsmbshare |
21.9fd4d5b |
A script to dump files and folders remotely from a Windows SMB share. |
|
| duplicut |
2.2 |
Remove duplicates from massive wordlist, without sorting it (for dictionnary-based password cracking). |
|
| elettra |
1.0 |
Encryption utility by Julia Identity |
|
| elettra-gui |
1.0 |
Gui for the elettra crypto application. |
|
| ent |
1.0 |
Pseudorandom number sequence test. |
|
| evilgrade |
2.0.9 |
Modular framework that takes advantage of poor upgrade implementations by injecting fake updates. |
|
| exrex |
149.b91c075 |
Irregular methods on regular expressions. |
|
| extracthosts |
17.8fdff9e |
Extracts hosts (IP/Hostnames) from files. |
|
| eyeballer |
143.5299227 |
Convolutional neural network for analyzing pentest screenshots. |
|
| fakemail |
1.0 |
Fake mail server that captures e-mails as files for acceptance testing. |
|
| ffuf-scripts |
1.2192bf7 |
Scripts and snippets for ffuf payloads. |
|
| find3 |
604.5964026 |
High-precision indoor positioning framework. |
|
| firefox-security-toolkit |
16.31dacf0 |
A tool that transforms Firefox browsers into a penetration testing suite. |
|
| flare |
0.6 |
Flare processes an SWF and extracts all scripts from it. |
|
| genlist |
0.1 |
Generates lists of IP addresses. |
|
| geoipgen |
0.4 |
GeoIPgen is a country to IP addresses generator. |
|
| gf |
39.dcd4c36 |
A wrapper around grep, to help you grep for things. |
|
| gibberish-detector |
v0.1.1.r2.gecac969 |
Train a model and detect gibberish strings with it. |
|
| githubcloner |
35.2bcb9c2 |
A script that clones Github repositories of users and organizations automatically. |
|
| gmsadumper |
18.e03187c |
A tool that Reads any gMSA password blobs the user can access and parses the values. |
|
| goshs |
0.3.8 |
A SimpleHTTPServer written in Go, enhanced with features and with a nice design. |
|
| graffiti |
24.4af61b4 |
A tool to generate obfuscated one liners to aid in penetration testing. |
|
| gtfo |
17.873d862 |
Search gtfobins and lolbas files from your terminal. |
|
| gtfoblookup |
69.cc50e6e |
Offline command line lookup utility for GTFOBins and LOLBAS. |
|
| h2spec |
2.6.0 |
A conformance testing tool for HTTP/2 implementation. |
|
| halcyon-ide |
2.0.2 |
First IDE for Nmap Script (NSE) Development. |
|
| http-put |
1.0 |
Simple http put perl script. |
|
| httpscreenshot |
70.f081c69 |
A tool for grabbing screenshots and HTML of large numbers of websites. |
|
| hurl-encoder |
20.afca9c5 |
Hexadecimal & URL (en/de)coder. |
|
| hxd |
2.5.0.0 |
Freeware Hex Editor and Disk Editor. |
|
| imagegrep |
8.1f14af2 |
Grep word in pdf or image based on OCR. |
|
| imhex |
1.35.0.r201.g762361070 |
A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM. |
|
| intelmq |
3.3.1.r11.ga48607162 |
A tool for collecting and processing security feeds using a message queuing protocol. |
|
| intensio-obfuscator |
280.f66a22b |
Obfuscate a python code 2 and 3. |
|
| inundator |
0.5 |
An ids evasion tool, used to anonymously inundate intrusion detection logs with false positives in order to obfuscate a real attack. |
|
| ipcountry |
1.2 |
Fetches IPv4 ranges of given country in host and cidr format. |
|
| ipobfuscator |
27.f005262 |
A simple tool to convert the IP to a DWORD IP. |
|
| jsfuck |
235.e5c0274 |
Write any JavaScript with 6 Characters: []()!+. |
|
| laudanum |
1.0 |
A collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments. |
|
| leo |
35679.2ec1b0ea4 |
Literate programmer's editor, outliner, and project manager. |
|
| magictree |
1.3 |
A penetration tester productivity tool designed to allow easy and straightforward data consolidation, querying, external command execution and report generation |
|
| mapcidr |
v1.1.34.r360.g592bb77 |
Utility program to perform multiple operations for a given subnet/CIDR ranges. |
|
| metaforge |
115.7b32693 |
Auto Scanning to SSL Vulnerability. |
|
| mibble |
2.10.1 |
An open-source SNMP MIB parser (or SMI parser) written in Java. It can be used to read SNMP MIB files as well as simple ASN.1 files. |
|
| minimodem |
353.bb2f34c |
A command-line program which decodes (or generates) audio modem tones at any specified baud rate, using various framing protocols. |
|
| mkyara |
3.8147f91 |
Tool to generate YARA rules based on binary code. |
|
| mrtparse |
522.13cde30 |
A module to read and analyze the MRT format data. |
|
| msfdb |
16.09c603b |
Manage the metasploit framework database. |
|
| narthex |
v1.2.r7.g8b78746 |
Modular personalized dictionary generator. |
|
| nmap-parse-output |
26.a8e31b3 |
Converts/manipulates/extracts data from a nmap scan output. |
|
| nsearch |
353.bd8205b |
Minimal script to help find script into the nse database. |
|
| one-lin3r |
65.168bb6d |
Gives you one-liners that aids in penetration testing and more. |
|
| openrisk |
v0.0.1.r22.gb536ea0 |
Generates a risk score based on the results of a Nuclei scan using OpenAI's GPT model. |
|
| osert |
93.415d449 |
Markdown Templates for Offensive Security exam reports. |
|
| pass-station |
v1.4.0.r72.gf39fbf2 |
CLI & library to search for default credentials among thousands of Products / Vendors. |
|
| passdetective |
1.0.6.r3.ge3aebf2 |
Scans shell command history to detect mistakenly written passwords, API keys, and secrets. |
|
| payloadsallthethings |
2041.3871607 |
A list of useful payloads and bypass for Web Application Security and Pentest/CTF. |
|
| pdfwalker |
7.64c17f0 |
Frontend to explore the internals of a PDF document with Origami |
|
| pencode |
39.07e33ef |
Complex payload encoder. |
|
| plumber.py |
18.3f1be68 |
A python implementation of a grep friendly ftrace wrapper. |
|
| plutil |
1.6 |
Converts .plist files between binary and UTF (editable) text formats. |
|
| princeprocessor |
132.bffda8c |
Standalone password candidate generator using the PRINCE algorithm. |
|
| pspy |
159.2312eed |
Monitor linux processes without root permissions. |
|
| pulledpork |
397.5ccf5c5 |
Snort rule management. |
|
| pwdlogy |
14.8b92bcf |
A target specific wordlist generating tool for social engineers and security researchers. |
|
| pwfuzz-rs |
v0.2.0.r0.g9ee3ed4 |
Rust-based password mutator for brute force attacks. |
|
| pwnedpasswords |
2.0.0.r0.g717702e |
Generate and verify pwnedpasswords check digits. |
|
| pydictor |
98.e48ee88 |
A useful hacker dictionary builder for a brute-force attack. |
|
| pyinstaller |
3.6 |
A program that converts (packages) Python programs into stand-alone executables, under Windows, Linux, Mac OS X, Solaris and AIX. |
|
| python-google-streetview |
1.2.9 |
A command line tool and module for Google Street View Image API. |
|
| python-utidylib |
0.2 |
Python bindings for Tidy HTML parser/cleaner. |
|
| python2-darts.util.lru |
7.5ef01b1 |
Simple dictionary with LRU behaviour. |
|
| python2-exrex |
149.b91c075 |
Irregular methods on regular expressions. |
|
| python2-google-streetview |
1.2.9 |
A command line tool and module for Google Street View Image API. |
|
| qrgen |
37.82a015b |
Simple script for generating Malformed QRCodes. |
|
| qsreplace |
3.0b053d2 |
Accept URLs on stdin, replace all query string values with a user-supplied value, only output each combination of query string parameters once per host and path. |
|
| rawsec-cli |
1.2.0.r7.gf7a08c6 |
Rawsec Inventory search CLI to find security tools and resources. |
|
| rbkb |
v0.7.2.r0.ga6d35c0 |
A miscellaneous collection of command-line tools related to pen-testing and reversing. |
|
| redeye |
0.9.4 |
Visual analytic tool supporting Red & Blue Team operations. |
|
| redpoint |
123.23ef36b |
Digital Bond's ICS Enumeration Tools. |
|
| reptor |
0.7 |
CLI tool to automate pentest reporting with SysReptor. |
|
| rogue-mysql-server |
2.78ebbfc |
A rogue MySQL server written in Python. |
|
| rtfm |
95.a807a80 |
A database of common, interesting or useful commands, in one handy referable form. |
|
| rulesfinder |
42.cf8255b |
Machine-learn password mangling rules. |
|
| sasm |
3.2.0 |
A simple crossplatform IDE for NASM, MASM, GAS and FASM assembly languages. |
|
| schnappi-dhcp |
0.1 |
Can fuck network with no DHCP. |
|
| sh00t |
214.8c7321f |
A Testing Environment for Manual Security Testers. |
|
| shadowfinder |
0.5.0.r0.g578d5ac |
Find possible locations of shadows around the world. |
|
| shelling |
227.0a6c135 |
An offensive approach to the anatomy of improperly written OS command injection sanitisers. |
|
| sleuthql |
9.29fc878 |
Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap. |
|
| sslcat |
1.0 |
SSLCat is a simple Unix utility that reads and writes data across an SSL enable network connection. |
|
| stompy |
0.0.4 |
An advanced utility to test the quality of WWW session identifiers and other tokens that are meant to be unpredictable. |
|
| suricata-verify |
1376.2f97c25f |
Suricata Verification Tests - Testing Suricata Output. |
|
| tcpxtract |
1.0.1 |
A tool for extracting files from network traffic. |
|
| tempomail |
26.5600ec3 |
Tool to create a temporary email address in 1 Second and receive emails. |
|
| tnscmd |
1.3 |
A lame tool to prod the oracle tnslsnr process (1521/tcp). |
|
| token-reverser |
10.cbb4528 |
Word list generator to crack security tokens. |
|
| tpcat |
latest |
Tool based upon pcapdiff by the EFF. It will analyze two packet captures (taken on each side of the firewall as an example) and report any packets that were seen on the source capture but didn’t make it to the dest. |
|
| uatester |
1.06 |
User Agent String Tester |
|
| uberfile |
14.4414c2a |
CLI tool for the generation of downloader oneliners for UNIX-like or Windows systems. |
|
| unfurl |
16.99ad735 |
Pull out bits of URLs provided on stdin. |
|
| unisec |
0.0.5 |
Unicode Security Toolkit. |
|
| urlview |
0.9 |
A curses URL parser for text files. |
|
| usernamer |
20.12983f8 |
Pentest Tool to generate usernames/logins based on supplied names. |
|
| verinice |
1.19.1.r1.gf82b192a6 |
Tool for managing information security. |
|
| vfeed |
81.fad17ae |
Open Source Cross Linked and Aggregated Local Vulnerability Database main repository. |
|
| visualize-logs |
118.d2e370e |
A Python library and command line tools to provide interactive log visualization. |
|
| web2ldap |
1.8.1 |
Full-featured LDAP client running as web application. |
|
| whapa |
375.60d96d5 |
WhatsApp Parser Tool. |
|
| whatportis |
54.59a1718 |
A command to search port names and numbers. |
|
| winexe |
1.00 |
Remotely execute commands on Windows NT/2000/XP/2003 systems. |
|
| winregfs |
161.209a5d6 |
Windows Registry FUSE filesystem. |
|
| wol-e |
2.0 |
A suite of tools for the Wake on LAN feature of network attached computers. |
|
| wordlistctl |
0.9.4 |
Fetch, install and search wordlist archives from websites. |
|
| wordlister |
56.7457c21 |
A simple wordlist generator and mangler written in python. |
|
| yay |
12.4.2 |
Yet another yogurt. Pacman wrapper and AUR helper written in go. |
|