Trending repositories for topic enumeration

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Web path scanner

Tools and Techniques for Red Team / Penetration Testing

Monitor linux processes without root permissions

A fast, simple, recursive content discovery tool written in Rust.

A high performance offensive security tool for reconnaissance and vulnerability scanning

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.

Username enumeration and password spraying tool aimed at Microsoft O365.

A collection of one-liners for bug bounty hunting.

Fancy reverse and bind shell handler

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.

Username enumeration and password spraying tool aimed at Microsoft O365.

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Tools and Techniques for Red Team / Penetration Testing

A high performance offensive security tool for reconnaissance and vulnerability scanning

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Web path scanner

A collection of one-liners for bug bounty hunting.

Monitor linux processes without root permissions

A fast, simple, recursive content discovery tool written in Rust.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Fancy reverse and bind shell handler

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Web path scanner

A fast, simple, recursive content discovery tool written in Rust.

In-depth attack surface mapping and asset discovery

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Tools and Techniques for Red Team / Penetration Testing

Monitor linux processes without root permissions

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

Wordlists handcrafted (and automated) with ♥

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

无状态子域名爆破工具

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...

A collection of one-liners for bug bounty hunting.

Security Tool to Look For Interesting Files in S3 Buckets

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Wordlists handcrafted (and automated) with ♥

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

Generate tens of thousands of subdomain combinations in a matter of seconds

A fast, simple, recursive content discovery tool written in Rust.

Monitor linux processes without root permissions

A collection of one-liners for bug bounty hunting.

Subdomain and target enumeration tool built for offensive security testing

Automatic Enumeration Tool based in Open Source tools

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Security Tool to Look For Interesting Files in S3 Buckets

Simple and fast implementation of enumerations with native PHP

💻 Certified ethical hacker summary in bullet points

This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Web path scanner

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Tools and Techniques for Red Team / Penetration Testing

In-depth attack surface mapping and asset discovery

A fast, simple, recursive content discovery tool written in Rust.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Monitor linux processes without root permissions

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...

Automated NoSQL database enumeration and web application exploitation tool.

Red Team Cheatsheet in constant expansion.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.

WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

💻 Certified ethical hacker summary in bullet points

A collection of one-liners for bug bounty hunting.

Username enumeration and password spraying tool aimed at Microsoft O365.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Speedy probe-based UDP service scanner

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...

Information Gatherer & Webapps Exploiter

Hunt SSL Certificates for interesting keywords on major cloud service providers / internet

The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...

This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.

🎲 Laravel package to supercharge enum functionalities.

Python code snippets from Discrete Mathematics for Computer Science specialization at Coursera

Gmail/GSuite account enumeration tool

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Tools and Techniques for Red Team / Penetration Testing

Wordlists handcrafted (and automated) with ♥

CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...

Username enumeration and password spraying tool aimed at Microsoft O365.

🎲 Zero-dependencies package to supercharge enum functionalities.

An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.

💻 Certified ethical hacker summary in bullet points

Speed up your pentest enumeration

Speedy probe-based UDP service scanner

SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.

Information Gatherer & Webapps Exploiter

The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Tools and Techniques for Red Team / Penetration Testing

Web path scanner

In-depth attack surface mapping and asset discovery

A fast, simple, recursive content discovery tool written in Rust.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

Monitor linux processes without root permissions

Fancy reverse and bind shell handler

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Automated NoSQL database enumeration and web application exploitation tool.

A collection of one-liners for bug bounty hunting.

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.

The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...

Speedy probe-based UDP service scanner

Speed up your pentest enumeration

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.

Incursore came from nmapAutomator to be your personal raider while you enumerate a target.

Hunt SSL Certificates for interesting keywords on major cloud service providers / internet

Bruter is an OSINT tooling, an experiment to build a reconnaissance simple app to have fun 🕵️‍♂️

Bug Bounty Vps Setup Tools

Unauthenticated enumeration of AWS, Azure, and GCP Principals

🎲 Zero-dependencies package to supercharge enum functionalities.

CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...

This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.

Active Directory Penetration Testing for Red Teams

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration