| archivebox |
903.59da482 |
The open source self-hosted web archive. Takes browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more. |
|
| arybo |
65.89d9a42 |
Manipulation, canonicalization and identification of mixed boolean-arithmetic symbolic expressions. |
|
| aspisec |
0.2.0 |
Removes the traces left by offensive security tools. |
|
| aurebeshjs |
77.75a8fc6 |
Translate JavaScript to Other Alphabets. |
|
| avml |
v0.15.0.r44.gde12e1e |
A portable volatile memory acquisition tool for Linux. |
|
| base64dump |
0.0.14 |
Extract and decode base64 strings from files. |
|
| bettercap-ui |
1.3.0 |
Official Bettercap's Web UI. |
|
| bless |
v0.6.3.r3.g103fbd6 |
High-quality, full-featured hex editor. |
|
| bloodhound-cli |
v0.1.9.r0.g6e19941 |
Command-line interface for BloodHound v5. |
|
| bqm |
v1.5.1.r5.ge287280 |
Download BloudHound query lists, deduplicate entries and merge them in one file. |
|
| catana |
31.9ea1f0d |
Filter your wordlist according to the specified password policy. |
|
| centry |
72.6de2868 |
Cold boot & DMA protection |
|
| checkiban |
0.2 |
Checks the validity of an International Bank Account Number (IBAN). |
|
| cisco-router-config |
1.1 |
Tools to copy and merge Cisco Routers Configuration. |
|
| cloakify |
117.f45c3b3 |
Data Exfiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Evade AV Detection. |
|
| cracken |
v1.0.1.r0.g7a325ff |
A ast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust. |
|
| credmap |
116.d862247 |
The Credential mapper - Tool that was created to bring awareness to the dangers of credential reuse. |
|
| ctf-party |
v4.0.0.r9.g4acacc1 |
A CLI tool & library to enhance and speed up script/exploit writing for CTF players. |
|
| cve-api |
170.8e9c247 |
Unofficial api for cve.mitre.org. |
|
| dbd |
61.8cf5350 |
A Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. |
|
| densityscout |
45 |
Calculates density for files of any file-system-path to finally output an accordingly descending ordered list. |
|
| depix |
38.f7d1850 |
A tool for recovering passwords from pixelized screenshots. |
|
| der-ascii |
100.3ea50c4 |
A reversible DER and BER pretty-printer. |
|
| dhcdrop |
0.5 |
Remove illegal dhcp servers with IP-pool underflow. |
|
| dnsgen |
v1.0.4.r12.g7c98e7e |
Generate combination of domain names from the provided input. |
|
| domlink |
37.1cabd5d |
A tool to link a domain with registered organisation names and emails, to other domains. |
|
| dsd |
91.7ee04e5 |
Digital Speech Decoder |
|
| dsd-fme |
2024 |
Digital Speech Decoder - Florida Man Edition. |
|
| dumpsmbshare |
23.1e5ceb1 |
A script to dump files and folders remotely from a Windows SMB share. |
|
| duplicut |
2.2 |
Remove duplicates from massive wordlist, without sorting it (for dictionnary-based password cracking). |
|
| elettra |
1.0 |
Encryption utility by Julia Identity |
|
| elettra-gui |
1.0 |
Gui for the elettra crypto application. |
|
| ent |
1.0 |
Pseudorandom number sequence test. |
|
| evilgrade |
2.0.9 |
Modular framework that takes advantage of poor upgrade implementations by injecting fake updates. |
|
| exrex |
149.b91c075 |
Irregular methods on regular expressions. |
|
| extracthosts |
17.8fdff9e |
Extracts hosts (IP/Hostnames) from files. |
|
| eyeballer |
143.5299227 |
Convolutional neural network for analyzing pentest screenshots. |
|
| fakemail |
1.0 |
Fake mail server that captures e-mails as files for acceptance testing. |
|
| ffuf-scripts |
1.2192bf7 |
Scripts and snippets for ffuf payloads. |
|
| find3 |
604.5964026 |
High-precision indoor positioning framework. |
|
| firefox-security-toolkit |
17.d356ab8 |
A tool that transforms Firefox browsers into a penetration testing suite. |
|
| flare |
0.6 |
Flare processes an SWF and extracts all scripts from it. |
|
| genlist |
0.1 |
Generates lists of IP addresses. |
|
| geoipgen |
0.4 |
GeoIPgen is a country to IP addresses generator. |
|
| gf |
39.dcd4c36 |
A wrapper around grep, to help you grep for things. |
|
| gibberish-detector |
v0.1.1.r2.gecac969 |
Train a model and detect gibberish strings with it. |
|
| githubcloner |
36.20203e7 |
A script that clones Github repositories of users and organizations automatically. |
|
| gmsadumper |
18.e03187c |
A tool that Reads any gMSA password blobs the user can access and parses the values. |
|
| goshs |
0.3.8 |
A SimpleHTTPServer written in Go, enhanced with features and with a nice design. |
|
| graffiti |
24.4af61b4 |
A tool to generate obfuscated one liners to aid in penetration testing. |
|
| gtfo |
17.873d862 |
Search gtfobins and lolbas files from your terminal. |
|
| gtfoblookup |
69.cc50e6e |
Offline command line lookup utility for GTFOBins and LOLBAS. |
|
| h2spec |
2.6.0 |
A conformance testing tool for HTTP/2 implementation. |
|
| halcyon-ide |
2.0.2 |
First IDE for Nmap Script (NSE) Development. |
|
| http-put |
1.0 |
Simple http put perl script. |
|
| httpscreenshot |
70.f081c69 |
A tool for grabbing screenshots and HTML of large numbers of websites. |
|
| hurl-encoder |
20.afca9c5 |
Hexadecimal & URL (en/de)coder. |
|
| hxd |
2.5.0.0 |
Freeware Hex Editor and Disk Editor. |
|
| imagegrep |
8.1f14af2 |
Grep word in pdf or image based on OCR. |
|
| imhex |
nightly.r0.g7ca2e55 |
A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM. |
|
| intelmq |
3.4.0.r122.g248587170 |
A tool for collecting and processing security feeds using a message queuing protocol. |
|
| intensio-obfuscator |
280.f66a22b |
Obfuscate a python code 2 and 3. |
|
| inundator |
0.5 |
An ids evasion tool, used to anonymously inundate intrusion detection logs with false positives in order to obfuscate a real attack. |
|
| ipcountry |
1.2 |
Fetches IPv4 ranges of given country in host and cidr format. |
|
| ipobfuscator |
27.f005262 |
A simple tool to convert the IP to a DWORD IP. |
|
| jsfuck |
242.6f8fdf3 |
Write any JavaScript with 6 Characters: []()!+. |
|
| laudanum |
1.0 |
A collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments. |
|
| leo |
36941.000a7380f |
Literate programmer's editor, outliner, and project manager. |
|
| magictree |
1.3 |
A penetration tester productivity tool designed to allow easy and straightforward data consolidation, querying, external command execution and report generation |
|
| mapcidr |
v1.1.96.r8.gac92503 |
Utility program to perform multiple operations for a given subnet/CIDR ranges. |
|
| metaforge |
115.7b32693 |
Auto Scanning to SSL Vulnerability. |
|
| mibble |
2.10.1 |
An open-source SNMP MIB parser (or SMI parser) written in Java. It can be used to read SNMP MIB files as well as simple ASN.1 files. |
|
| minimodem |
353.bb2f34c |
A command-line program which decodes (or generates) audio modem tones at any specified baud rate, using various framing protocols. |
|
| mkyara |
3.8147f91 |
Tool to generate YARA rules based on binary code. |
|
| mrtparse |
522.13cde30 |
A module to read and analyze the MRT format data. |
|
| msfdb |
16.09c603b |
Manage the metasploit framework database. |
|
| narthex |
v1.2.r7.g8b78746 |
Modular personalized dictionary generator. |
|
| nmap-parse-output |
26.a8e31b3 |
Converts/manipulates/extracts data from a nmap scan output. |
|
| nsearch |
353.bd8205b |
Minimal script to help find script into the nse database. |
|
| one-lin3r |
65.168bb6d |
Gives you one-liners that aids in penetration testing and more. |
|
| openrisk |
v0.0.1.r22.gb536ea0 |
Generates a risk score based on the results of a Nuclei scan using OpenAI's GPT model. |
|
| osert |
97.8c515be |
Markdown Templates for Offensive Security exam reports. |
|
| pass-station |
v2.0.0.r4.gbe184e9 |
CLI & library to search for default credentials among thousands of Products / Vendors. |
|
| passdetective |
1.0.6.r3.ge3aebf2 |
Scans shell command history to detect mistakenly written passwords, API keys, and secrets. |
|
| payloadsallthethings |
2121.d49faf9 |
A list of useful payloads and bypass for Web Application Security and Pentest/CTF. |
|
| pdfwalker |
7.64c17f0 |
Frontend to explore the internals of a PDF document with Origami |
|
| pencode |
39.07e33ef |
Complex payload encoder. |
|
| plumber.py |
18.3f1be68 |
A python implementation of a grep friendly ftrace wrapper. |
|
| plutil |
1.6 |
Converts .plist files between binary and UTF (editable) text formats. |
|
| princeprocessor |
132.bffda8c |
Standalone password candidate generator using the PRINCE algorithm. |
|
| pspy |
159.2312eed |
Monitor linux processes without root permissions. |
|
| pulledpork |
397.5ccf5c5 |
Snort rule management. |
|
| pwdlogy |
14.8b92bcf |
A target specific wordlist generating tool for social engineers and security researchers. |
|
| pwfuzz-rs |
v0.2.0.r1.gac56f42 |
Rust-based password mutator for brute force attacks. |
|
| pwnedpasswords |
3.0.0.r1.gf8cfb94 |
Generate and verify pwnedpasswords check digits. |
|
| pydictor |
100.4a77f0a |
A useful hacker dictionary builder for a brute-force attack. |
|
| pyinstaller |
6.12.0 |
Bundles a Python application and all its dependencies into a single package. |
|
| pyinstaller-hooks-contrib |
2024.11 |
PyInstaller community hooks. |
|
| python-google-streetview |
1.2.9 |
A command line tool and module for Google Street View Image API. |
|
| python2-darts.util.lru |
7.5ef01b1 |
Simple dictionary with LRU behaviour. |
|
| python2-exrex |
149.b91c075 |
Irregular methods on regular expressions. |
|
| python2-google-streetview |
1.2.9 |
A command line tool and module for Google Street View Image API. |
|
| python2-utidylib |
0.6 |
Python bindings for Tidy HTML parser/cleaner. |
|
| qrgen |
37.82a015b |
Simple script for generating Malformed QRCodes. |
|
| qsreplace |
3.0b053d2 |
Accept URLs on stdin, replace all query string values with a user-supplied value, only output each combination of query string parameters once per host and path. |
|
| rawsec-cli |
1.2.0.r7.gf7a08c6 |
Rawsec Inventory search CLI to find security tools and resources. |
|
| rbkb |
v0.7.3.r3.g4645025 |
A miscellaneous collection of command-line tools related to pen-testing and reversing. |
|
| redeye |
0.9.4 |
Visual analytic tool supporting Red & Blue Team operations. |
|
| redpoint |
123.23ef36b |
Digital Bond's ICS Enumeration Tools. |
|
| reptor |
0.7 |
CLI tool to automate pentest reporting with SysReptor. |
|
| rogue-mysql-server |
2.78ebbfc |
A rogue MySQL server written in Python. |
|
| rtfm |
95.a807a80 |
A database of common, interesting or useful commands, in one handy referable form. |
|
| rulesfinder |
42.cf8255b |
Machine-learn password mangling rules. |
|
| sasm |
3.2.0 |
A simple crossplatform IDE for NASM, MASM, GAS and FASM assembly languages. |
|
| schnappi-dhcp |
0.1 |
Can fuck network with no DHCP. |
|
| sh00t |
214.8c7321f |
A Testing Environment for Manual Security Testers. |
|
| shadowfinder |
0.5.0.r1.g19e3925 |
Find possible locations of shadows around the world. |
|
| shelling |
227.0a6c135 |
An offensive approach to the anatomy of improperly written OS command injection sanitisers. |
|
| sleuthql |
9.29fc878 |
Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap. |
|
| sslcat |
1.0 |
SSLCat is a simple Unix utility that reads and writes data across an SSL enable network connection. |
|
| stompy |
0.0.4 |
An advanced utility to test the quality of WWW session identifiers and other tokens that are meant to be unpredictable. |
|
| suricata-verify |
1724.41f61a5f |
Suricata Verification Tests - Testing Suricata Output. |
|
| tcpxtract |
1.0.1 |
A tool for extracting files from network traffic. |
|
| tempomail |
26.5600ec3 |
Tool to create a temporary email address in 1 Second and receive emails. |
|
| tnscmd |
1.3 |
A lame tool to prod the oracle tnslsnr process (1521/tcp). |
|
| token-reverser |
10.cbb4528 |
Word list generator to crack security tokens. |
|
| tpcat |
latest |
Tool based upon pcapdiff by the EFF. |
|
| uatester |
1.06 |
User Agent String Tester |
|
| uberfile |
14.4414c2a |
CLI tool for the generation of downloader oneliners for UNIX-like or Windows systems. |
|
| unfurl |
16.99ad735 |
Pull out bits of URLs provided on stdin. |
|
| unisec |
0.0.6 |
Unicode Security Toolkit. |
|
| urlview |
0.9 |
A curses URL parser for text files. |
|
| usernamer |
20.12983f8 |
Pentest Tool to generate usernames/logins based on supplied names. |
|
| verinice |
1.19.1.r1.gf82b192a6 |
Tool for managing information security. |
|
| vfeed |
81.fad17ae |
Open Source Cross Linked and Aggregated Local Vulnerability Database main repository. |
|
| visualize-logs |
118.d2e370e |
A Python library and command line tools to provide interactive log visualization. |
|
| web2ldap |
1.8.1 |
Full-featured LDAP client running as web application. |
|
| whapa |
385.548ca0d |
WhatsApp Parser Tool. |
|
| whatportis |
54.59a1718 |
A command to search port names and numbers. |
|
| winexe |
1.00 |
Remotely execute commands on Windows NT/2000/XP/2003 systems. |
|
| winregfs |
161.209a5d6 |
Windows Registry FUSE filesystem. |
|
| wol-e |
2.0 |
A suite of tools for the Wake on LAN feature of network attached computers. |
|
| wordlistctl |
0.9.4 |
Fetch, install and search wordlist archives from websites. |
|
| wordlister |
56.7457c21 |
A simple wordlist generator and mangler written in python. |
|
| yay |
12.5.2 |
Yet another yogurt. Pacman wrapper and AUR helper written in go. |
|