Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to…

OSINT tool to get information from a github profile and find GitHub user’s email addresses leaked on commits. How does…

I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer…

Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and…

A library to enhance and speed up script/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but…

A golang tool that uses the dehashed.com API to search for compromised assets. Results can then be compiled into a…

PoC Exploit for Microsoft Exchange Launche Original PoC: https://github.com/testanull How to use: python proxylogon.py <name or IP of server> <[email protected]>…

Fast browser-based network discovery module Description netmap.js provides browser-based host discovery and port scanning capabilities to allow you to map…

Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. Setup Step 1: Install…

An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8  About Vajra  …