Take it like a gift

enum4Linux
featured
enum4Linux

Enumerate data from Windows and Samba hosts.

cariddi
cariddi

Crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more.

GOAD
GOAD

Game of Active Directory.

Nishang
Nishang

Offensive PowerShell for red team, penetration testing and offensive security.

fingerprintx
fingerprintx

Standalone utility for service discovery on open ports!

Ronin
Ronin

A free and open source Ruby toolkit for security research and development.

pywerview
pywerview

A (partial) Python rewriting of PowerSploit's PowerView.

SubOver
SubOver

A Powerful Subdomain Takeover Tool.

subnerium
subnerium

A fast passive subdomain enumeration tool that uses various sources to gather data.

GTFOBins
GTFOBins

Unix binaries that can be used to bypass local security restrictions in misconfigured systems.

XXExploiter
XXExploiter

Tool to help exploit XXE vulnerabilities.

dumpcreds
dumpcreds

May be used to extract various credentials from running processes.

t14m4t
t14m4t

Automated brute-forcing attack tool.

gwdomains
gwdomains

Sub domain wild card filtering tool.

Extended XSS Searcher and Finder
Extended XSS Searcher and Finder

Scans for different types of XSS on a list of urls.