A vast collection of security tools for bug bounty, pentest and red teaming
#exploits






Invoke-PSImage
Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute.


















TrevorC2
A legitimate website that tunnels client/server communications for covert command execution.




SpoolSploit
Collection of Windows print spooler exploits and other utilities for practical exploitation.







GitHacker
A Git source leak exploit tool that restores the entire Git repository, including data from stash.








Windows Exploit Suggester
Compares target patch levels against the Microsoft vulnerability DB to detect missing patches.





















SearchSploit
Cli tool for Exploit-DB that also allows you to take a copy of Exploit Database with you.




Shadow Workers
C2 and proxy designed to help in the exploitation of XSS and malicious Service Workers.



XSSer
Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.









Evil SQL Client
Interactive .NET SQL console client with enhanced SQL Server discovery/access/exfiltration features.










BeEF
The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.











