Trending repositories for topic enumeration
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A high performance offensive security tool for reconnaissance and vulnerability scanning
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
Username enumeration and password spraying tool aimed at Microsoft O365.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
Username enumeration and password spraying tool aimed at Microsoft O365.
A high performance offensive security tool for reconnaissance and vulnerability scanning
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A fast, simple, recursive content discovery tool written in Rust.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing
Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
Generate tens of thousands of subdomain combinations in a matter of seconds
A fast, simple, recursive content discovery tool written in Rust.
Subdomain and target enumeration tool built for offensive security testing
Security Tool to Look For Interesting Files in S3 Buckets
Simple and fast implementation of enumerations with native PHP
💻 Certified ethical hacker summary in bullet points
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...
Automated NoSQL database enumeration and web application exploitation tool.
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
💻 Certified ethical hacker summary in bullet points
Username enumeration and password spraying tool aimed at Microsoft O365.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...
Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing
Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.
Python code snippets from Discrete Mathematics for Computer Science specialization at Coursera
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...
Username enumeration and password spraying tool aimed at Microsoft O365.
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
💻 Certified ethical hacker summary in bullet points
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Automated NoSQL database enumeration and web application exploitation tool.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.
Incursore came from nmapAutomator to be your personal raider while you enumerate a target.
Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
Bruter is an OSINT tooling, an experiment to build a reconnaissance simple app to have fun 🕵️♂️
Unauthenticated enumeration of AWS, Azure, and GCP Principals
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
Active Directory Penetration Testing for Red Teams
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing
SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration