A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

A Framework meant for the exploitation of iOS devices.

Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.

Moodle community-based vulnerability scanner

Most Responder's configuration power in your hand.

Burp Suite extensions if you want to teach Burp a new Transport-Encoding

Live Exploit is a powerful and versatile Python-based tool designed for Capture The Flag (CTF) challenges, exploit development, and vulnerability research.

yet another log4shell scanner

CAGE Framwork Hacking Tools Pack – A Penetration Testing Framework

NotesToCommands is a powerful command template experience, allowing users to instantly execute terminal commands, with varying arguments, grouped into sections in a note or file. It was originally created for pentesting uses, to avoid the needed remembrance and retyping of sets of commands for various attacks.

a python DoS (denial-of-service) tool that uses proxies to anonymize your attack

Scan a network for IP addresses that have hostnames

The PII Sniffer is a Python-based extension for the Burp Suite tool that, through intercepted HTTP requests, can detect sensitive data such as CPF numbers, phone numbers, important dates, and card numbers.

A DHCP rogue server using scapy

MidnightRAT is a lightweight, encrypted, Python-based red team payload designed to simulate APT-style Command & Control behavior, including polymorphism, adaptive sleep, and remote command execution for use in ethical hacking, red teaming, and adversary emulation labs.

The all-new Python version of Uberscan! Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.

JSHound is a recon tool designed for bug bounty hunters and pentesters. It helps you extract JavaScript files of a target domain from multiple sources (Wayback Machine, Common Crawl, urlscan.io), and then searches those files for potentially sensitive information such as API keys, tokens, credentials, and more.

An advanced Python-based Instagram account checker with multi-threading, proxy support, and smart anti-ban logic.

Pentester Toolchain is a penetration testing dynamic templating system used to automate toolchains on mutiple hosts

BlestSploit Framework, exploitation framework for Ethical Hackers and CyberSecurity Experts & Pentesters