💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

• UpdatedNov 14, 2025
• Python

All knowledge I gained from CTFs, real life penetration testing and learning by myself.

• UpdatedFeb 14, 2026

Penetration Testing AI Assistant based on open source LLMs.

• UpdatedApr 9, 2025
• Python

Red Team Arsenal - a comprehensive collection of tools, scripts, and techniques for conducting red team operations and adversary simulations, including custom beacons, malleable C2 profiles, aggressor scripts, advanced payload generation methods, as well as other evasion tools, tailored for red team operations and security research.

• UpdatedDec 29, 2025
• C

A guide to using Kali Linux tools for web penetration testing, ethical hacking, forensics, and bug bounty. Covers setup, key tools, methodologies, and best practices. Optimized for security professionals.

• UpdatedMay 18, 2025

ClatsCracker is a versatile Executable & Python based password-cracking tool supporting 25 hash algorithms. It offers dictionary or brute-force attacks, adjustable threads, salted hash verification, a user-friendly menu, and progress feedback—ensuring, efficient, ethical password testing. The exe version does not require Python. Just open it!

• UpdatedJun 26, 2025
• Python

The VAPT Toolkit provides a streamlined way to install, configure, and maintain a complete penetration testing environment with 50+ security tools and custom automation frameworks organized across multiple categories.

• UpdatedFeb 1, 2026
• Python

Just like a ghost, Ghost_Dir is capable of detecting hidden subdirectories that other scanning tools may not be able to find. It acts silently, without leaving any traces, and is able to penetrate into obscure areas of the web page that usually go unnoticed.

• UpdatedMar 30, 2023
• JavaScript

Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It supports bulk domain scanning and logs detailed results for analysis.

• UpdatedFeb 2, 2025
• Python

Offensive Security Scripts (OSS) - Repository of random scripts I've written for offensive purposes.

• UpdatedFeb 21, 2025
• Shell

This repository is all about the POC and Tools that can be leveraged down for initial access in red teaming engagements.

• UpdatedOct 25, 2023
• Python

JavaScript Analysis Masterclass Lab is a hands-on educational lab built to help security enthusiasts and bug bounty hunters master JavaScript-based vulnerabilities.

• UpdatedMay 23, 2025
• JavaScript

A Dockerized environment for Kali Linux, optimized for penetration testing and security research.This repository contains a Dockerfile to build and run a Kali Linux container with a graphical user interface (GUI) accessible via Remote Desktop Protocol (RDP).

• UpdatedMay 24, 2025
• Batchfile

🕒 This repository contains the core source code and configuration files for the website. Feel free to modify, extend, and contribute to its development to improve functionality, add new features, and ensure the ongoing success of the project.

• UpdatedJan 16, 2025
• TypeScript

Pages documenting my Pentesting journey.

• UpdatedSep 14, 2025
• PHP

All-in-One Master ASN Processing with 0x ASN Processor | CIDR, DNS, IP & Port Scanning Made Easy!

• UpdatedApr 21, 2025
• Shell

JS Source Map Extractor & Secrets Scanner

• UpdatedFeb 17, 2026
• Python

THM DESCRIPTION: Get started with Cyber Security in 24 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas.

• UpdatedJan 15, 2024

A collection of awesome penetration testing and offensive cybersecurity resources.

• UpdatedMar 1, 2024

LSASSExtractor is a lightweight tool designed to capture memory dumps of the LSASS process on Windows systems. By leveraging the Windows API, it locates the target process and creates a memory dump, which can be analyzed to extract sensitive information such as passwords, encryption keys, and authentication tokens.

• UpdatedAug 28, 2024
• C++