| arsenal |
https://github.com/Orange-Cyberdefense/arsenal |
Powerful weapons for penetration testing. |
| asdf |
https://github.com/asdf-vm/asdf |
Extendable version manager with support for ruby python go etc |
| assetfinder |
https://github.com/tomnomnom/assetfinder |
Tool to find subdomains and IP addresses associated with a domain. |
| Blackbird |
https://github.com/p1ngul1n0/blackbird |
An OSINT tool to search fast for accounts by username across 581 sites. |
| buster |
https://github.com/sham00n/Buster |
Advanced OSINT tool |
| carbon14 |
https://github.com/Lazza/carbon14 |
OSINT tool for estimating when a web page was written. |
| Censys |
https://github.com/censys/censys-python |
An easy-to-use and lightweight API wrapper for Censys APIs |
| constellation |
https://github.com/constellation-app/Constellation |
Find and exploit vulnerabilities in mobile applications. |
| creds |
https://github.com/ihebski/DefaultCreds-cheat-sheet |
One place for all the default credentials to assist pentesters during an engagement. This document has several products default login/password gathered from multiple sources. |
| CyberChef |
https://github.com/gchq/CyberChef/ |
The Cyber Swiss Army Knife |
| dnsenum |
https://github.com/fwaeytens/dnsenum |
dnsenum is a tool for enumerating DNS information about a domain. |
| exifprobe |
https://github.com/hfiguiere/exifprobe |
Exifprobe is a command-line tool to parse EXIF data from image files. |
| exiftool |
https://github.com/exiftool/exiftool |
ExifTool is a Perl library and command-line tool for reading / writing and editing meta information in image / audio and video files. |
| finalrecon |
https://github.com/thewhiteh4t/FinalRecon |
A web reconnaissance tool that gathers information about web pages |
| findomain |
https://github.com/findomain/findomain |
The fastest and cross-platform subdomain enumerator. |
| firefox |
https://www.mozilla.org |
A web browser |
| fzf |
https://github.com/junegunn/fzf |
🌸 A command-line fuzzy finder |
| GeoPincer |
https://github.com/tloja/GeoPincer |
GeoPincer is a script that leverages OpenStreetMap's Overpass API in order to search for locations. |
| gf |
https://github.com/tomnomnom/gf |
A wrapper around grep to avoid typing common patterns |
| githubemail |
https://github.com/paulirish/github-email |
a command-line tool to retrieve a user's email from Github. |
| GoMapEnum |
https://github.com/nodauf/GoMapEnum |
Nothing new but existing techniques are brought together in one tool. |
| goshs |
https://github.com/patrickhener/goshs |
Goshs is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S with either self-signed certificate or user provided certificate and you can use HTTP basic auth. |
| gron |
https://github.com/tomnomnom/gron |
Make JSON greppable! |
| h8mail |
https://github.com/khast3x/h8mail |
Email OSINT and breach hunting. |
| holehe |
https://github.com/megadose/holehe |
mail osint tool finding out if it is used on websites. |
| ignorant |
https://github.com/megadose/ignorant |
holehe but for phone numbers. |
| imagemagick |
https://github.com/ImageMagick/ImageMagick |
ImageMagick is a free and open-source image manipulation tool used to create / edit / compose / or convert bitmap images. |
| ipinfo |
https://github.com/ipinfo/cli |
Get information about an IP address or hostname. |
| linkedin2username |
https://github.com/initstring/linkedin2username |
Generate a list of LinkedIn usernames from a company name. |
| maigret |
https://github.com/soxoj/maigret |
Collects information about a target email (or domain) from Google and Bing search results |
| maltego |
https://www.paterva.com/web7/downloads.php |
A tool used for open-source intelligence and forensics |
| mdcat |
https://github.com/swsnr/mdcat |
Fancy cat for Markdown |
| MurMurHash |
https://github.com/QU35T-code/MurMurHash |
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. |
| neovim |
https://neovim.io/ |
hyperextensible Vim-based text editor |
| ngrok |
https://github.com/inconshreveable/ngrok |
Expose a local server behind a NAT or firewall to the internet |
| objectwalker |
https://github.com/p0dalirius/objectwalker |
A python module to explore the object tree to extract paths to interesting objects in memory. |
| osrframework |
https://github.com/i3visio/osrframework |
Include references to a bunch of different applications related to username checking / DNS lookups / information leaks research / deep web search / regular expressions extraction and many others. |
| phoneinfoga |
https://github.com/sundowndev/PhoneInfoga |
Information gathering & OSINT framework for phone numbers. |
| photon |
https://github.com/s0md3v/Photon |
a fast web crawler which extracts URLs / files / intel & endpoints from a target. |
| pwndb |
https://github.com/davidtavarez/pwndb |
A command-line tool for searching the pwndb database of compromised credentials. |
| pwnedornot |
https://github.com/thewhiteh4t/pwnedOrNot |
Check if a password has been leaked in a data breach. |
| pymeta |
https://github.com/m8sec/pymeta |
Google and Bing scraping osint tool |
| recon-ng |
https://github.com/lanmaster53/recon-ng |
External recon tool. |
| recondog |
https://github.com/s0md3v/ReconDog |
a reconnaissance tool for performing information gathering on a target. |
| rlwrap |
https://github.com/hanslub42/rlwrap |
rlwrap is a small utility that wraps input and output streams of executables / making it possible to edit and re-run input history |
| rsync |
https://packages.debian.org/sid/rsync |
File synchronization tool for efficiently copying and updating data between local or remote locations |
| searchsploit |
https://gitlab.com/exploit-database/exploitdb |
A command line search tool for Exploit-DB |
| shellerator |
https://github.com/ShutdownRepo/Shellerator |
a simple command-line tool for generating shellcode |
| Sherlock |
https://github.com/sherlock-project/sherlock |
Hunt down social media accounts by username across social networks. |
| simplyemail |
https://github.com/SimplySecurity/SimplyEmail |
a scriptable command line tool for sending emails |
| spiderfoot |
https://github.com/smicallef/spiderfoot |
A reconnaissance tool that automatically queries over 100 public data sources |
| subfinder |
https://github.com/projectdiscovery/subfinder |
Tool to find subdomains associated with a domain. |
| sublist3r |
https://github.com/aboul3la/Sublist3r |
a Python tool designed to enumerate subdomains of websites. |
| theharvester |
https://github.com/laramies/theHarvester |
Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources |
| tig |
https://github.com/jonas/tig |
Tig is an ncurses-based text-mode interface for git. |
| tor |
https://github.com/torproject/tor |
Anonymity tool that can help protect your privacy and online identity by routing your traffic through a network of servers. |
| toutatis |
https://github.com/megadose/Toutatis |
Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails / phone numbers and more. |
| trevorspray |
https://github.com/blacklanternsecurity/TREVORspray |
TREVORspray is a modular password sprayer with threading SSH proxying loot modules / and more |
| trilium |
https://github.com/zadam/trilium |
Personal knowledge management system. |
| uberfile |
https://github.com/ShutdownRepo/Uberfile |
Uberfile is a simple command-line tool aimed to help pentesters quickly generate file downloader one-liners in multiple contexts (wget / curl / powershell / certutil...). This project code is based on my other similar project for one-liner reverseshell generation Shellerator. |
| uploader |
https://github.com/Frozenka/uploader |
Tool for quickly downloading files to a remote machine based on the target operating system |
| waybackurls |
https://github.com/tomnomnom/waybackurls |
Fetch all the URLs that the Wayback Machine knows about for a domain. |
| whatportis |
https://github.com/ncrocfer/whatportis |
Command-line tool to lookup port information |
| whois |
https://packages.debian.org/sid/whois |
See information about a specific domain name or IP address. |
| Yalis |
https://github.com/EatonChips/yalis |
Yet Another LinkedIn Scraper |
| youtubedl |
https://github.com/ytdl-org/youtube-dl |
Download videos from YouTube and other sites. |
| yt-dlp |
https://github.com/yt-dlp/yt-dlp |
A youtube-dl fork with additional features and fixes |