SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strin…

Groff 55 21 Updated Oct 1, 2015

nahamsec / bbht

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

Shell 1,237 438 Updated Jul 3, 2024

nahamsec / lazyrecon

This script is intended to automate your reconnaissance process in an organized fashion

Shell 2,033 587 Updated Aug 19, 2021

assetnote / kiterunner

Contextual Content Discovery Tool

Go 3,159 333 Updated Apr 29, 2024

Tib3rius / Pentest-Cheatsheets

Python 1,160 285 Updated Apr 21, 2021

arainho / awesome-api-security

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

3,781 626 Updated Nov 23, 2025

PowerShellMafia / PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

PowerShell 12,968 4,717 Updated Aug 17, 2020

theonlykernel / enumeration

200 55 Updated Jan 19, 2020

sagishahar / lpeworkshop

Windows / Linux Local Privilege Escalation Workshop

Batchfile 2,077 481 Updated Oct 9, 2022

tanprathan / MobileApp-Pentest-Cheatsheet

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

5,188 1,318 Updated Feb 8, 2024

redcode-labs / Revssl

A script that automates generation of OpenSSL reverse shells

Shell 304 38 Updated Sep 24, 2020

sqshq / sampler

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.

Go 14,551 664 Updated Feb 22, 2024

D35m0nd142 / LFISuite

Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner

Python 1,932 405 Updated Apr 13, 2022

chrispetrou / FDsploit

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Python 273 79 Updated Mar 24, 2021

internetwache / GitTools

A repository with 3 tools for pwn'ing websites with .git repositories available

Shell 4,135 636 Updated Jun 14, 2023

maurosoria / dirsearch

Web path scanner

Python 14,227 2,435 Updated Apr 29, 2026

cihanmehmet / sub.sh

Multiprocessing(Parallel)Subdomain Detect Script

Shell 329 83 Updated Jan 28, 2024

s0md3v / sqlmate

A friend of SQLmap which will do what you always expected from SQLmap.

Python 451 122 Updated May 5, 2019

sinfulz / JustTryHarder

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Python 831 107 Updated Dec 15, 2025

Warflop / cloudbunny

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Python 376 66 Updated Feb 4, 2024

sleventyeleven / linuxprivchecker

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Python 1,792 542 Updated Jan 31, 2022

cheetz / sslScrape

SSLScrape | A scanning tool for scaping hostnames from SSL certificates.

Python 338 102 Updated Apr 29, 2021

bee-san / RustScan

🤖 The Modern Port Scanner 🤖

Rust 19,690 1,320 Updated Apr 21, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

computant

Block or report computant

Stars

gitleaks / gitleaks

byt3bl33d3r / Red-Baron

trustedsec / ptf

horsicq / Detect-It-Easy

nagwww / s3-leaks

nahamsec / SecLists