Attack Surface Discovery tool built on a microservice approach, utilizing multi-threading for fast, internet-scale asset indexing
Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible in m…
Professional network monitoring & visualization tool. L0P4Map combines high-speed ARP discovery with full nmap integration and a real-time i…
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc.…
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
Install open-source software from source to focus on Zero Trust Network principles, enhancing security for existing applications, and deploy…
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
A multi-platform fuzzer for poking at userland binaries, network clients and servers
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
Information Gatherer & Webapps Exploiter
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests…
LZR quickly detects and fingerprints unexpected services running on unexpected ports.
MalQR is a collection of malicious QR Codes and Barcodes you can use to test the security of your scanners.
The fastest Internet port scanner. Can scan the entire IPv4 address space in under 6 minutes. Produces output compatible with Nmap.
A fast network scanning tool to detect open ports and security vulnerabilities (Compatible with Debian & Red Hat OS)
A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.
AI-first security scanner with 76 analyzers, 9,600+ detection rules, and repo poisoning detection for AI/ML, LLM agents, and MCP servers. Sc…
Nmap script to detect a Microsoft Exchange instance version with OWA enabled.
Attack Surface Management since before Attack Surface Management was a thing
Feature-packed reimplementation of Netcat from the Nmap project. Adds SSL/TLS support, connection brokering, and scripting capabilities.
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still wo…
Fast service fingerprinting CLI for 170+ protocols (TCP/UDP/SCTP) - built by Praetorian
Industry-leading vulnerability scanner with 170,000+ plugins. Identifies vulnerabilities, misconfigurations, default passwords, and complian…