Fish-like autosuggestions for zsh

Patched fonts for Powerline users.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Scripted Local Linux Enumeration & Privilege Escalation Checks

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Linux privilege escalation auditing tool

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

A repository with 3 tools for pwn'ing websites with .git repositories available

Git All the Payloads! A collection of web attack payloads.

Hestia Control Panel | A lightweight and powerful control panel for the modern web.

Various *nix tools built as statically-linked binaries

Various tips & tricks

Rockyou for web fuzzing

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widesprea…

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advan…

403/401 Bypass Methods + Bash Automation + Your Support ;)

Secure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

Self contained htaccess shells and attacks

⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)

A fast DOM based XSS vulnerability scanner with simplicity.

My subdomain enumeration script. It's unique in the way it is built upon.

Content discovery wordlists generated using BigQuery

bash script for Subdomain Enumeration

Automatic Service Enumeration Script

A script that can resolve an input file of domains and scan them with masscan

SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. It filters URLs to identify those with parameters susceptible…