This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

HomePwn - Swiss Army Knife for Pentesting of IoT Devices

CRLF and open redirect fuzzer

Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS

Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

Automated Adversary Emulation Platform

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Exploring possibilities of ESP32 platform to attack on nearby Wi-Fi networks.

A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewer

Automate extraction from iOS firmware files (.ipsw)

Metasploit Framework

Fast passive subdomain enumeration tool.

Ghidra is a software reverse engineering (SRE) framework

A collection of red team and adversary emulation resources developed and released by MITRE.

A post-exploitation powershell tool for extracting juicy info from memory.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

Tool to look for several security related Android application vulnerabilities

World's fastest and most advanced password recovery utility

Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.

Scans for accessibility tools backdoors via RDP

Linux/Windows post-exploitation framework made by linux user

Python tools for penetration testers

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

Cobalt Strike kit for Lateral Movement

🕳 bore is a simple CLI tool for making tunnels to localhost

Python wrapper for urlscan.io's API

Browser Extension Analysis Framework - Scan, Analyze Chrome, firefox and Brave extensions for vulnerabilities and intels