nxg-7 Goto Github PK

afl-triage

A tool to triage crashing input files using a debugger

aio-dns-brute

Python 3.5+ DNS asynchronous brute force utility

airstrike

amass

In-depth Attack Surface Mapping and Asset Discovery

arsenal

Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty

autosploit

Automated Mass Exploiter

autosqli

An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.

awesome-bugbounty-writeups

A curated list of bugbounty writeups (Bug type wise)

awesome-python

A curated list of awesome Python frameworks, libraries, software and resources

aws-pentesting-lab

Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet

badsecrets

A library for detecting known secrets across many web frameworks

bbot

OSINT automation for hackers.

blackwidow

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

breachcompilation

BreachCompilation Tools

brutex

Automatically brute force all services running on a target.

burp-gpt

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.

bxss

A Blind XSS Injector Tool

bypass-url-parser

A tool that tests many URL bypasses to reach a 40X protected page

cats

CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance.

certipy

Tool for Active Directory Certificate Services enumeration and abuse

cheatsheetseries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

check-xss

A tool to detect XSS vulnerability in Web Applications

chrome-debug-protocol

Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses.

ci-locks

Crack Interface lockscreen, Metasploit and More Android/IOS Hacking

cmseek

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 130 other CMSs

commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

covermyass

Post-exploitation tool to cover your tracks on a compromised machine

cr3dov3r

Know the dangers of credential reuse attacks.

crackql

CrackQL is a GraphQL password brute-force and fuzzing utility.

crime-flare

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.