Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

Collection of Georgian Wordlists

Cybersecurity AI (CAI), an open Bug Bounty-ready Artificial Intelligence

The Network Execution Tool

Cloud subdomains identification tool

A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

The Simple Agent Development Kit.

Navigate the CVE jungle with ease.

Fast and configurable TLS grabber focused on TLS based data collection.

Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardeni…

Awesome cloud enumerator

Identify privilege escalation paths within and across different clouds

Multi-Cloud Security Auditing Tool

A comprehensive scanner for Google Cloud

Use the GCP testIamPermissions functionality to bruteforce and discover your permissions

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace

Automation to assess the state of your M365 tenant against CISA's baselines

Pre-Built Vulnerable Environments Based on Docker-Compose

ScriptSentry finds misconfigured and dangerous logon scripts.

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

PingCastle - Get Active Directory Security at 80% in 20% of the time

The Official WiFi Pineapple Module Repository for the WiFi Pineapple Mark VII

Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023

Nmap Dashboard Mini Project