Linux enumeration tool for pentesting and CTFs with verbosity levels

A fast, local first, reactive Database for JavaScript Applications https://rxdb.info/

Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Block-based software vulnerability fuzzing framework

Homebrew Tap - Pen Test Tools

An example rootkit that gives a userland process root permissions

a cheat-sheet for mathematical notation in code form

Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.

A WebSocket C2 Tool

Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

"Good Luck With That" Public License

This repository contains an example Python API that is vulnerable to several different web API attacks.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

Minimal supplement to upstream Kernel Self Protection Project changes. Features already provided by SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope. Only tags have stab…

A python script that finds endpoints in JavaScript files

Tool to perform directory enumeration of single page web applications

Covert command and control system for Red-Team Operations

A place to store my toy linux-security modules.

A keystroke / terminal logger for Linux.

A wrapper for a shell which will make a copy of everything printed to the terminal.

A cross-platform tool for data pipelines.

An interactive command-line HTTP and API testing client built on top of HTTPie featuring autocomplete, syntax highlighting, and more. https://twitter.com/httpie

goSDL

This is the keyneyloggins basic rootkit wireframe as presented at CarolinaCon 2018

Windows batch script that finds misconfiguration issues which can lead to privilege escalation.

Install Guide and Custom Scripts