Trending repositories for topic enumeration
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
Username enumeration and password spraying tool aimed at Microsoft O365.
π» Certified ethical hacker summary in bullet points
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
A fast, simple, recursive content discovery tool written in Rust.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Username enumeration and password spraying tool aimed at Microsoft O365.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
π» Certified ethical hacker summary in bullet points
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A fast, simple, recursive content discovery tool written in Rust.
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
Automated NoSQL database enumeration and web application exploitation tool.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Username enumeration and password spraying tool aimed at Microsoft O365.
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
The tool π²π»ππΊπ is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, mak...
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
Username enumeration and password spraying tool aimed at Microsoft O365.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Automated NoSQL database enumeration and web application exploitation tool.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Username enumeration and password spraying tool aimed at Microsoft O365.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.
findCDN is a tool created to help accurately identify what CDN a domain is using.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
The tool π²π»ππΊπ is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
Username enumeration and password spraying tool aimed at Microsoft O365.
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
Python code snippets from Discrete Mathematics for Computer Science specialization at Coursera
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
The tool π²π»ππΊπ is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
Welcome SecToolkit repository! This is a comprehensive collection of cybersecurity and bug bounty hunting topics. Here, you'll find a variety of resources, notes, and practical projects aimed at enhan...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Automated NoSQL database enumeration and web application exploitation tool.
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
The tool π²π»ππΊπ is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. I...
Pinny Notes is a sticky note application with a button to "pin" a note making it always on top above other windows. A number of other handy tools are also available via the right click menus.
Tracks a range of Microsoft owned ASNs and publishes a daily release containing a list of IPv4 and IPv6 address in CIDR notation.
Notes, research, and methodologies for becoming a better hacker. Knowledge should be free.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Full and natural support for enumerations as Django model fields.
π¦ RUSTVERSARY: A comprehensive repository of tools and scripts for malware development practices.
Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.
All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Bruter is an OSINT tooling, an experiment to build a reconnaissance simple app to have fun π΅οΈββοΈ
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing