Trending repositories for topic enumeration
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Automated NoSQL database enumeration and web application exploitation tool.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Subdomain and target enumeration tool built for offensive security testing
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
Generate tens of thousands of subdomain combinations in a matter of seconds
Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
A fast, simple, recursive content discovery tool written in Rust.
Generate tens of thousands of subdomain combinations in a matter of seconds
Subdomain and target enumeration tool built for offensive security testing
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome
Automated NoSQL database enumeration and web application exploitation tool.
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Automated NoSQL database enumeration and web application exploitation tool.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
💻 Certified ethical hacker summary in bullet points
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...
A fast, simple, recursive content discovery tool written in Rust.
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
💻 Certified ethical hacker summary in bullet points
Generate tens of thousands of subdomain combinations in a matter of seconds
Automated NoSQL database enumeration and web application exploitation tool.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
onedrive user enumeration - pentest tool to enumerate valid o365 users
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A fast, simple, recursive content discovery tool written in Rust.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Automated NoSQL database enumeration and web application exploitation tool.
💻 Certified ethical hacker summary in bullet points
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate repor...
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
💻 Certified ethical hacker summary in bullet points
A simple webcam control for WPF based on OpenCVSharp
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Automated NoSQL database enumeration and web application exploitation tool.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.
Incursore came from nmapAutomator to be your personal raider while you enumerate a target.
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
Bruter is an OSINT tooling, an experiment to build a reconnaissance simple app to have fun 🕵️♂️
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...
Unauthenticated enumeration of AWS, Azure, and GCP Principals
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing
Active Directory Penetration Testing for Red Teams
SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.