|
| 1 | +Tool,Link,Description |
| 2 | +arsenal,https://github.com/Orange-Cyberdefense/arsenal,Powerful weapons for penetration testing. |
| 3 | +asdf,https://github.com/asdf-vm/asdf,Extendable version manager with support for ruby python go etc |
| 4 | +assetfinder,https://github.com/tomnomnom/assetfinder,Tool to find subdomains and IP addresses associated with a domain. |
| 5 | +Blackbird,https://github.com/p1ngul1n0/blackbird,An OSINT tool to search fast for accounts by username across 581 sites. |
| 6 | +carbon14,https://github.com/Lazza/carbon14,OSINT tool for estimating when a web page was written. |
| 7 | +Censys,https://github.com/censys/censys-python,An easy-to-use and lightweight API wrapper for Censys APIs |
| 8 | +constellation,https://github.com/constellation-app/Constellation,Find and exploit vulnerabilities in mobile applications. |
| 9 | +creds,https://github.com/ihebski/DefaultCreds-cheat-sheet,One place for all the default credentials to assist pentesters during an engagement. This document has several products default login/password gathered from multiple sources. |
| 10 | +CyberChef,https://github.com/gchq/CyberChef/,The Cyber Swiss Army Knife |
| 11 | +dnsenum,https://github.com/fwaeytens/dnsenum,dnsenum is a tool for enumerating DNS information about a domain. |
| 12 | +dtrx,https://github.com/dtrx-py/dtrx,Do The Right eXtraction - don't remember what set of tar flags or where to pipe the output to extract it? no worries! |
| 13 | +exegol-history,https://github.com/ThePorgs/Exegol-history,Credentials management for Exegol |
| 14 | +exifprobe,https://github.com/hfiguiere/exifprobe,Exifprobe is a command-line tool to parse EXIF data from image files. |
| 15 | +exiftool,https://github.com/exiftool/exiftool,ExifTool is a Perl library and command-line tool for reading / writing and editing meta information in image / audio and video files. |
| 16 | +finalrecon,https://github.com/thewhiteh4t/FinalRecon,A web reconnaissance tool that gathers information about web pages |
| 17 | +findomain,https://github.com/findomain/findomain,The fastest and cross-platform subdomain enumerator. |
| 18 | +firefox,https://www.mozilla.org,A web browser |
| 19 | +fzf,https://github.com/junegunn/fzf,🌸 A command-line fuzzy finder |
| 20 | +GeoPincer,https://github.com/tloja/GeoPincer,GeoPincer is a script that leverages OpenStreetMap's Overpass API in order to search for locations. |
| 21 | +gf,https://github.com/tomnomnom/gf,A wrapper around grep to avoid typing common patterns |
| 22 | +GHunt,https://github.com/mxrch/GHunt,Investigate Google Accounts with emails |
| 23 | +githubemail,https://github.com/paulirish/github-email,a command-line tool to retrieve a user's email from Github. |
| 24 | +glow,https://github.com/charmbracelet/glow,glow is a tool to render Markdown inside the terminal. |
| 25 | +GoMapEnum,https://github.com/nodauf/GoMapEnum,Nothing new but existing techniques are brought together in one tool. |
| 26 | +goshs,https://github.com/patrickhener/goshs,Goshs is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S with either self-signed certificate or user provided certificate and you can use HTTP basic auth. |
| 27 | +gron,https://github.com/tomnomnom/gron,Make JSON greppable! |
| 28 | +h8mail,https://github.com/khast3x/h8mail,Email OSINT and breach hunting. |
| 29 | +holehe,https://github.com/megadose/holehe,mail osint tool finding out if it is used on websites. |
| 30 | +ignorant,https://github.com/megadose/ignorant,holehe but for phone numbers. |
| 31 | +imagemagick,https://github.com/ImageMagick/ImageMagick,ImageMagick is a free and open-source image manipulation tool used to create / edit / compose / or convert bitmap images. |
| 32 | +Instaloader,https://github.com/instaloader/instaloader,Download content/captions/metadata from Instagram |
| 33 | +ipinfo,https://github.com/ipinfo/cli,Get information about an IP address or hostname. |
| 34 | +keepassxc,https://github.com/keepassxreboot/keepassxc,Cross-platform password manager |
| 35 | +linkedin2username,https://github.com/initstring/linkedin2username,Generate a list of LinkedIn usernames from a company name. |
| 36 | +maigret,https://github.com/soxoj/maigret,Collects information about a target email (or domain) from Google and Bing search results |
| 37 | +maltego,https://www.paterva.com/web7/downloads.php,A tool used for open-source intelligence and forensics |
| 38 | +mdcat,https://github.com/swsnr/mdcat,Fancy cat for Markdown |
| 39 | +Metagoofil,https://github.com/opsdisk/metagoofil,Metagoofil is a tool for gathering metadata of a website |
| 40 | +MurMurHash,https://github.com/QU35T-code/MurMurHash,This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. |
| 41 | +neovim,https://neovim.io/,hyperextensible Vim-based text editor |
| 42 | +nfsshell,https://github.com/Supermathie/nfsshell,NFSShell is a tool for interacting with NFS shares without mounting them. |
| 43 | +ngrok,https://github.com/inconshreveable/ngrok,Expose a local server behind a NAT or firewall to the internet |
| 44 | +objectwalker,https://github.com/p0dalirius/objectwalker,A python module to explore the object tree to extract paths to interesting objects in memory. |
| 45 | +OpenVPN,https://openvpn.net/,Fast and Easy Zero-Trust VPN Fully in Your Control |
| 46 | +phoneinfoga,https://github.com/sundowndev/PhoneInfoga,Information gathering & OSINT framework for phone numbers. |
| 47 | +photon,https://github.com/s0md3v/Photon,a fast web crawler which extracts URLs / files / intel & endpoints from a target. |
| 48 | +pwndb,https://github.com/davidtavarez/pwndb,A command-line tool for searching the pwndb database of compromised credentials. |
| 49 | +pwnedornot,https://github.com/thewhiteh4t/pwnedOrNot,Check if a password has been leaked in a data breach. |
| 50 | +pyftpdlib,https://github.com/giampaolo/pyftpdlib/,Extremely fast and scalable Python FTP server library |
| 51 | +pymeta,https://github.com/m8sec/pymeta,Google and Bing scraping osint tool |
| 52 | +recon-ng,https://github.com/lanmaster53/recon-ng,External recon tool. |
| 53 | +recondog,https://github.com/s0md3v/ReconDog,a reconnaissance tool for performing information gathering on a target. |
| 54 | +rlwrap,https://github.com/hanslub42/rlwrap,rlwrap is a small utility that wraps input and output streams of executables / making it possible to edit and re-run input history |
| 55 | +rsync,https://packages.debian.org/sid/rsync,File synchronization tool for efficiently copying and updating data between local or remote locations |
| 56 | +searchsploit,https://gitlab.com/exploit-database/exploitdb,A command line search tool for Exploit-DB |
| 57 | +shellerator,https://github.com/ShutdownRepo/Shellerator,a simple command-line tool for generating shellcode |
| 58 | +Sherlock,https://github.com/sherlock-project/sherlock,Hunt down social media accounts by username across social networks. |
| 59 | +simplyemail,https://github.com/SimplySecurity/SimplyEmail,a scriptable command line tool for sending emails |
| 60 | +spiderfoot,https://github.com/smicallef/spiderfoot,A reconnaissance tool that automatically queries over 100 public data sources |
| 61 | +subfinder,https://github.com/projectdiscovery/subfinder,Tool to find subdomains associated with a domain. |
| 62 | +sublist3r,https://github.com/aboul3la/Sublist3r,a Python tool designed to enumerate subdomains of websites. |
| 63 | +theharvester,https://github.com/laramies/theHarvester,Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources |
| 64 | +thr,https://www.thehacker.recipes/,THR (The Hacker Recipes) is aimed at providing technical guides on various hacking topics. |
| 65 | +tig,https://github.com/jonas/tig,Tig is an ncurses-based text-mode interface for git. |
| 66 | +tor,https://github.com/torproject/tor,Anonymity tool that can help protect your privacy and online identity by routing your traffic through a network of servers. |
| 67 | +toutatis,https://github.com/megadose/Toutatis,Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails / phone numbers and more. |
| 68 | +trevorspray,https://github.com/blacklanternsecurity/TREVORspray,TREVORspray is a modular password sprayer with threading SSH proxying loot modules / and more |
| 69 | +TriliumNext,https://github.com/TriliumNext/Notes,Personal knowledge management system (successor to Trilium). |
| 70 | +uberfile,https://github.com/ShutdownRepo/Uberfile,Uberfile is a simple command-line tool aimed to help pentesters quickly generate file downloader one-liners in multiple contexts (wget / curl / powershell / certutil...). This project code is based on my other similar project for one-liner reverseshell generation Shellerator. |
| 71 | +uploader,https://github.com/Frozenka/uploader,Tool for quickly downloading files to a remote machine based on the target operating system |
| 72 | +waybackurls,https://github.com/tomnomnom/waybackurls,Fetch all the URLs that the Wayback Machine knows about for a domain. |
| 73 | +wesng,https://github.com/bitsadmin/wesng,WES-NG is a tool based on the output of Windows's systeminfo utility which provides the list of vulnerabilities the OS is vulnerable to including any exploits for these vulnerabilities. |
| 74 | +whatportis,https://github.com/ncrocfer/whatportis,Command-line tool to lookup port information |
| 75 | +whois,https://packages.debian.org/sid/whois,See information about a specific domain name or IP address. |
| 76 | +wireguard,https://www.wireguard.com,WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography |
| 77 | +Yalis,https://github.com/EatonChips/yalis,Yet Another LinkedIn Scraper |
| 78 | +youtubedl,https://github.com/ytdl-org/youtube-dl,Download videos from YouTube and other sites. |
| 79 | +yt-dlp,https://github.com/yt-dlp/yt-dlp,A youtube-dl fork with additional features and fixes |
| 80 | +Zehef,https://github.com/N0rz3/Zehef,Zehef is an osint tool to track emails |
0 commit comments