This list has moved to pwnd.dev
- Metasploit: Penetration testing software
- GhostShell: Undetectable malware, with AV bypass techniques, anti-disassembly, etc.
- BeEF: The Browser Exploitation Framework
- PTF: Penetration Testers Framework
- Bettercap: MITM framework
- Nessus: Vulnerability scanner
- AutoNessus: Auto Nessus
- BDFProxy: Patch Binaries via MITM (BackdoorFactory)
- Xplico: Network Forensic Analysis Tool (e.g. parse pcap files)
- Sqlmap: Automatic SQL injection and database takeover tool
- jsql-injection: Java application for automatic SQL database injection
- HoneyProxy: MITM
- Gophish: Open-Source Phishing Framework
- SET: Social-Engineer Toolkit
- USBRubberDucky: USB Rubber Ducky
- USB Wifi Ducky: Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
- WHID: WiFi HID Injector for Fun & Profit - A USB Rubberducky On Steroids.
- SimplyEmail: Email recon framework
- WiFi Pineapple: WiFi Pineapple (MITM)
- makeMyCSRF: makeMyCSRF is a tool that can be used to automate auto-submit HTML form creation
- Weeman: HTTP Server for phishing
- PlugBot: The PlugBot: Hardware Botnet Research Project
- Pwn Phone: Portable pentesting device
- EmPyre: A post-exploitation OS X/Linux agent written in Python 2.7
- Mimikatz: A little tool to play with Windows security (videos)
- Acunetix: Scanner to check for XSS, SQL Injection and other web vulnerabilities
- Burp Suite: The leading toolkit for web application security testing
- Burp NoPE Proxy: Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
- ntopng: High-speed web-based traffic analysis
- nethogs: Linux 'net top' tool
- jnettop: traffic visualiser
- Lynis: Security auditing tool for Linux, macOS, and UNIX-based systems
- Volatility: An advanced memory forensics framework
- Radare: portable reversing framework
- Android Fallible: Secrets leak in Android apps
- XssPy: Web Application XSS Scanner
- Unicorn: Tool for using a PowerShell downgrade attack and injecting shellcode straight into memory
- changeme: A default credential scanner
- Mercure: Tool for security managers who want to train their collaborators on phishing
- catphish: For phishing and corporate espionage
- Security Checklist: The SaaS CTO Security Checklist
- cgPwn: A lightweight VM for hardware hacking, RE (fuzzing, symEx, exploiting etc) and wargaming tasks
- pwlist: Password lists obtained from strangers attempting to log in to my server
- howmanypeoplearearound: Count the number of people around you by monitoring wifi signals
- xss-listener: XSS Listener is a penetration tool for easily stealing data with various XSS
- owasp-mstg: The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering
- KeychainCracker: macOS keychain cracking tool
- Microsploit: Quickly and easily create Office backdoor exploits using Metasploit packet modules
- InjectProc: Process Injection Techniques
- expdevBadChars: Bad Characters highlighter for exploit development
- massExpConsole: Collection of Tools and Exploits with a CLI UI
- getsploit: Command line utility for searching and downloading exploits
- Findsploit: Find exploits in local and online databases instantly
- vulscan: Advanced vulnerability scanning with Nmap NSE
- psychoPATH: a blind webroot file upload & LFI detection tool
- repo-supervisor: Scan your code for security misconfiguration, search for passwords and secrets
- xssor: Hack with Javascript (online tool)
- xray: XRay is a tool for recon, mapping and OSINT gathering from public networks
- Frida: Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX
- objection: runtime mobile exploration (based on Frida)
- pwnbox: Docker container with tools for binary reverse engineering and exploitation
- backdoor-apk: shell script that simplifies the process of adding a backdoor to any Android APK file
- Attify OS: Distro for pentesting IoT devices
- Zeus: AWS Auditing & Hardening Tool
- EvilAbigail: Automated Linux evil maid attack (backdoors initrd)
- mitm-router: Man-in-the-middle wireless access point inside a docker container
- Dracnmap: Exploit networks and gather information with Nmap
- RastLeak: Tool to automatically leak information using search engine hacking
- pupy: remote administration and post-exploitation tool (python)
- pwndsh: Post-exploitation framework (bash) (presentation)
- kwetza: Python script to inject existing Android applications with a Meterpreter payload
- zmap: ZMap Internet Scanner
- zgrab: Application layer scanner that operates with ZMap
- OpenVAS: The world's most advanced Open Source vulnerability scanner and manager
- Vulny-Code-Static-Analysis: Basic script to detect vulnerabilities in PHP source code
- knockpy: Knock Subdomain Scan
- BoopSuite: A Suite of Tools written in Python for wireless auditing and security testing (demo)
- DataSploit: An OSINT Framework to perform various recon techniques
- domain_analyzer: Analyze the security of any domain by finding all the information possible
- Luckystrike: A PowerShell based utility for the creation of malicious Office macro documents (demo)
- sqlcheck: Automatically identify anti-patterns in SQL queries
- SSRF Testing: https://github.com/cujanovic/SSRF-Testing/
- XFLTReaT: Tunnelling Framework (kitploit)
- rudra: Framework for exhaustive analysis of (PCAP and PE) files
- PenBox: Penetration Testing Framework - The Tool With All The Tools, The Hacker's Repo (website)
- post-exploitation: Post Exploitation Collection
- p0wnedShell: PowerShell Runspace Post Exploitation Toolkit
- sshpry: Seamlessly spy on an SSH session like it is your tty
- cameradar: Cameradar hacks its way into RTSP CCTV cameras
- DET: Data Exfiltration Toolkit
- AhMyth-Android-RAT: Android Remote Administration Tool
- cve-search: tool to perform local searches for known vulnerabilities
- kernelpop: kernel privilege escalation enumeration and exploitation framework (kitsploit.com)
- subjack: Hostile Subdomain Takeover tool (blog)
- nmap-vulners: NSE script based on Vulners.com API
- recon-ng: full-featured Web Reconnaissance framework
- InSpy: A LinkedIn enumeration tool
- routersploit: The Router Exploitation Framework
- Zeus-Scanner: Advanced reconnaissance utility
- btlejuice: BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework
- censys-subdomain-finder: Perform subdomain enumeration using the certificate transparency logs from Censys
- Striker: Striker is an offensive information and vulnerability scanner
- ezsploit: Linux bash script automation for metasploit
- ctfr: Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
- autosploit: Automated mass exploitation of remote hosts using Shodan and Metasploit
- evilgrade: take advantage of poor upgrade implementations by injecting fake updates
- crt.sh: Certificate Search (e.g. %.cambridgeanalytica.org)
- usbdetective: application for identifying, investigating, and reporting on USB storage devices that have been connected to a Windows system
- Galileo: Web Application Audit Framework
- XSStrike: XSS Scanner equipped with powerful fuzzing engine & intelligent payload generator
- emkei.cz: Free online fake mailer with attachments, encryption, HTML editor and advanced settings…
- probequest: Toolkit for Playing with Wi-Fi Probe Requests
- wifite2: Rewrite of the popular wireless network auditor, "wifite", for auditing wireless networks
- Diggy: Extract endpoints from apk files
- pyfiscan: Free web-application vulnerability and version scanner
- sandmap: tool supporting network and system reconnaissance using the massive Nmap engine
- gitrob: Reconnaissance tool for GitHub organizations
- evilginx2: mitm attack framework used for phishing login credentials
- Modlishka: Reverse Proxy. Phishing NG
- trape: People tracker on the Internet: OSINT analysis and research tool
- HiddenEye: Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services
- assetfinder: Find domains and subdomains related to a given domain
- waybackurls: Fetch all the URLs that the Wayback Machine knows about for a domain
- vaf: Very Advanced (web) Fuzzer
- Extended SSRF search: SSRF search vulnerabilities exploitation extended.
- https://github.com/eset/malware-ioc: Indicators of Compromise (IOC) of our various investigations
- Emutag: Mifare ultralight and ntag2x3 emulator
- WiFi deauther OLED V2
- Mobile Hack Gear
- bully-vanilla: Bully is a new implementation of the WPS brute force attack
- boxon: Detector for boxes vulnerable to the NULL PIN breach (topic)
- NullWpsPinAuto: Simple bash script intended to exploit the Null Wps Pin breach automatically
- The definitive guide to form-based website authentication
- Improved Persistent Login Cookie Best Practice
- Nmap Cheat Sheet
- XSS Cheat Sheet
- Collection of CSP bypasses
- GTFOBins: Curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions
- https://github.com/zbetcheckin/Security_list
- https://github.com/Hack-with-Github/Awesome-Hacking
- https://github.com/enaqx/awesome-pentest
- https://github.com/shieldfy/API-Security-Checklist
- https://github.com/forter/security-101-for-saas-startups
- https://github.com/carpedm20/awesome-hacking
- https://github.com/sobolevn/awesome-cryptography
- https://github.com/secfigo/Awesome-Fuzzing
- https://github.com/vitalysim/Awesome-Hacking-Resources
- https://github.com/jivoi/awesome-osint
- https://github.com/terjanq/Tiny-XSS-Payloads: A collection of tiny XSS Payloads that can be used in different contexts.