jexboss

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

jsmon

a javascript change monitoring tool for bugbounties

jwt_tool

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

lazagne

Credentials recovery project

lazyrecon

This script is intended to automate your reconnaissance process in an organized fashion

linux-exploit-suggester

Linux privilege escalation auditing tool

lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

machine_learning_security

Source code about machine learning and security.

mercure

Mercure is a tool for security managers who want to train their colleague to phishing.

minesweeper

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

mobile-security-framework-mobsf

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

morpheus

Morpheus - Automated Ettercap TCP/IP Hijacking Tool

mypapers

Repository for hosting my research papers

nuclei

Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.

omemishra

omemishra.github.io

osmedeus

Fully automated offensive security framework for reconnaissance and vulnerability scanning

pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

papermerge

Open Source Document Management System for Digital Archives (Scanned Documents)

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pcapxray

:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

pentest-tools

Custom pentesting tools

phishlets

Phishlets for Evilginx2 (MITM proxy Framework)

phishx

PhishX - The most powerful spear phishing tool

phishx-new-fix

New Fixes for the PHISHX Phishing Tool

poc-in-github

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

project-automation

This Is a tool build in python for the automation of VAPT so feel free to contribute if any one wants to.

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

reconnote

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters