Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to…
Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to…
OSINT tool to get information from a github profile and find GitHub user’s email addresses leaked on commits. How does…
I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer…
Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and…
A library to enhance and speed up script/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but…
A golang tool that uses the dehashed.com API to search for compromised assets. Results can then be compiled into a…
PoC Exploit for Microsoft Exchange Launche Original PoC: https://github.com/testanull How to use: python proxylogon.py <name or IP of server> <[email protected]>…
Fast browser-based network discovery module Description netmap.js provides browser-based host discovery and port scanning capabilities to allow you to map…
Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. Setup Step 1: Install…
An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8 About Vajra …