Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

A vulnerability scanner for container images and filesystems

Find secrets with Gitleaks 🔑

Cross compiling toolchains in Docker images

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Detect common NFS server misconfigurations

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

OSINT cheat sheet, list OSINT tools, wiki, dataset, article, book , red team OSINT for hackers and OSINT tips and OSINT branch. This repository will grow every time will research, there is a resear…

chw00t - Unices chroot breaking tool

Extract browser histories from Firefox and Chrome, and export passwords from Firefox

A curated list of Android Security materials and resources For Pentesters and Bug Hunters

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles

Manage WhatsApp .crypt12, .crypt14 and .crypt15 files.

A collection of fascinating and bizarre Censys Search Queries

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more