Hunt down social media accounts by username across social networks

Automatic SQL injection and database takeover tool

Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

🤖 The Modern Port Scanner 🤖

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Test your prompts, agents, and RAGs. Red teaming/pentesting/vulnerability scanning for AI. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration.

Fast web fuzzer written in Go

A collection of hacking tools, resources and references to practice ethical hacking.

Web path scanner

Directory/File, DNS and VHost busting tool written in Go

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

hydra

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

The recursive internet scanner for hackers. 🧡

Attack Surface Management Platform