A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Web path scanner

In-depth attack surface mapping and asset discovery

Tools and Techniques for Red Team / Penetration Testing

A fast, simple, recursive content discovery tool written in Rust.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Monitor linux processes without root permissions

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

A collection of custom security tools for quick needs.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Automated NoSQL database enumeration and web application exploitation tool.

Fancy reverse and bind shell handler

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

无状态子域名爆破工具

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Simple, extensible and powerful enumeration implementation for Laravel.

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

The Offensive Manual Web Application Penetration Testing Framework.