Skip to content
Change the repository type filter

All

    Repositories list

    • "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
      724001Updated Aug 17, 2024Aug 17, 2024
    • HTML
      931400Updated Mar 15, 2024Mar 15, 2024
    • The official Python library for Shodan
      Python
      Other
      571000Updated Dec 17, 2023Dec 17, 2023
    • 📌 A guide for amateurs pen testers and a collection of hacking tools, resources and references to practice ethical hacking, pen testing and web security.
      MIT License
      1.6k1900Updated Oct 16, 2023Oct 16, 2023
    • XSStrike

      Public
      Most advanced XSS detection suite.
      Python
      GNU General Public License v3.0
      1.9k000Updated Mar 20, 2022Mar 20, 2022
    • CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
      Python
      MIT License
      109000Updated Mar 7, 2022Mar 7, 2022
    • knock

      Public
      Knock Subdomain Scan
      Python
      867000Updated May 29, 2021May 29, 2021
    • massc

      Public
      Subdomain Scanner Tools with word-lists
      JavaScript
      11200Updated May 28, 2021May 28, 2021
    • Open source education content for the researcher community
      Creative Commons Attribution 4.0 International
      557200Updated May 28, 2021May 28, 2021
    • A list of interesting payloads, tips and tricks for bug bounty hunters.
      Creative Commons Attribution Share Alike 4.0 International
      1.6k700Updated Dec 15, 2020Dec 15, 2020
    • opspack

      Public
      Opspack (Open Source Security Package) is a simple package manager for bug bounty/offensive. Using command line interface that can be used to install,update and upgrade tools easily with lots of open source repositories on Github.
      Shell
      MIT License
      31100Updated Jun 13, 2019Jun 13, 2019
    • Recsech

      Public
      Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
      PHP
      GNU General Public License v3.0
      46200Updated Jun 3, 2019Jun 3, 2019
    • Bashter

      Public
      Web Crawler, Scanner, and Analyzer Framework (Shell-Script based)
      Shell
      BSD 3-Clause "New" or "Revised" License
      35000Updated May 2, 2019May 2, 2019
    • Adhrit

      Public
      Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusiasts alike. The tool is an effort to cut down on the amount of time spent on reversing and basic reconnaissance of Android applications.
      Python
      GNU General Public License v3.0
      129100Updated Mar 12, 2019Mar 12, 2019
    • 😱 A curated list of amazingly awesome OSINT
      Other
      2.9k000Updated Mar 12, 2019Mar 12, 2019
    • Awesome web penetration testing
      6000Updated Feb 24, 2019Feb 24, 2019
    • The unofficial HackerOne disclosure Timeline
      3913600Updated Dec 16, 2018Dec 16, 2018
    • The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
      HTML
      Creative Commons Attribution Share Alike 4.0 International
      2.4k000Updated Dec 14, 2018Dec 14, 2018
    • Para pencari bug / celah kemanan bisa bergabung.
      107800Updated Dec 13, 2018Dec 13, 2018
    • Mobile penetration testing android command cheatsheet
      111000Updated Dec 13, 2018Dec 13, 2018
    • gobuster

      Public
      Directory/file & DNS busting tool written in Go
      Go
      Apache License 2.0
      1.2k000Updated Dec 11, 2018Dec 11, 2018
    • ReconDog

      Public
      Reconnaissance Swiss Army Knife
      Python
      Apache License 2.0
      340000Updated Dec 11, 2018Dec 11, 2018
    • aquatone

      Public
      A Tool for Domain Flyovers
      Go
      MIT License
      883000Updated Dec 8, 2018Dec 8, 2018
    • Penetration tests cases, resources and guidelines.
      GNU General Public License v3.0
      550200Updated Dec 8, 2018Dec 8, 2018
    • PENTOL

      Public
      PENTOL - Pentester Toolkit for Fiddler2
      JavaScript
      20300Updated Dec 7, 2018Dec 7, 2018
    • Amass

      Public
      In-depth DNS Enumeration and Network Mapping
      Go
      Other
      1.9k000Updated Dec 3, 2018Dec 3, 2018
    • A list of useful payloads and bypass for Web Application Security and Pentest/CTF
      Python
      15k000Updated Nov 27, 2018Nov 27, 2018
    • A collection of awesome penetration testing resources, tools and other shiny things
      4.5k000Updated Nov 24, 2018Nov 24, 2018
    • Awesome XSS stuff
      JavaScript
      MIT License
      767000Updated Nov 24, 2018Nov 24, 2018
    • Photon

      Public
      Incredibly fast crawler designed for OSINT.
      Python
      GNU General Public License v3.0
      1.5k000Updated Nov 23, 2018Nov 23, 2018