A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Web path scanner

A collection of custom security tools for quick needs.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Automated NoSQL database enumeration and web application exploitation tool.

Fancy reverse and bind shell handler

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

🆕 The Multi-Tool Web Vulnerability Scanner.

The Offensive Manual Web Application Penetration Testing Framework.

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Security Tool to Look For Interesting Files in S3 Buckets

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Automatic Enumeration Tool based in Open Source tools

Username enumeration and password spraying tool aimed at Microsoft O365.

Subdomain and target enumeration tool built for offensive security testing

onedrive user enumeration - pentest tool to enumerate valid o365 users

Multi Tool Subdomain Enumeration

kernel privilege escalation enumeration and exploitation framework

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.