#utils

cheat.sh
cheat.sh

The only cheat sheet you need.

cve-search
cve-search

A tool to perform local searches for known vulnerabilities.

pipedream
pipedream

Collect HTTP or webhook requests and inspect them in a human-friendly way.

webhook.site
webhook.site

Easily test HTTP webhooks with this handy tool that displays requests instantly.

zmap
zmap

Fast single packet network scanner designed for Internet-wide network surveys.

bore
bore

A simple CLI tool for making tunnels to localhost.

macchanger
macchanger

Makes the maniputation of MAC addresses of network interfaces easier.

graphql-voyager
graphql-voyager

Represent any GraphQL API as an interactive graph.

cve-collector
cve-collector

Simple latest CVE collector written in Python.

Burp-Encode-IP
Burp-Encode-IP

Burp Suite extension to encode an IP address focused to bypass application IP/domain blacklist.

BackupKiller
BackupKiller

Generate wordlist based on the URLs to check for backup, installation, etc files.

pydictor
pydictor

A powerful and useful hacker dictionary builder for a brute-force attack.

hping
hping

Network tool able to send custom TCP/IP packets.

Synergy-httpx
Synergy-httpx

Http(s) server designed to host resources dynamically or act as a receiver for POST data intercepts.

binwalk
binwalk

Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.

AndroSet
AndroSet

Manage Burp Suite certificate in Android to redirect all traffic to Burp Suite.

SysReptor
SysReptor

Easy and customisable pentest report creator based on simple web technologies.

wgen.io
wgen.io

Generate rich wordlists for targeted attacks online.

web2shell
web2shell

Automate converting webshells into reverse shells.

HTTP-traceroute
HTTP-traceroute

HTTP-traceroute in Go.

cadaver
cadaver

Command-line WebDAV client.

Gowhois
Gowhois

Whois command implemented by golang with awesome whois servers list.

octosql
octosql

CLI tool which lets you query a plethora of databases and file formats.

hakfindinternaldomains
hakfindinternaldomains

Feed it a list of subdomains, it will resolve them and tell you which ones are internal.

haklistgen
haklistgen

Turns any junk text into a usable wordlist for brute-forcing.

Nmap-API
Nmap-API

Create a Nmap API that can do scans with a good speed online and is easy to deploy.

trurl
trurl

Command line tool for URL parsing and manipulation.

urless
urless

De-clutter a list of URLs.

ffufPostprocessing
ffufPostprocessing

Golang tool which helps dropping the irrelevant entries from your ffuf result file.

NMapify
NMapify

Quickly and accurately create a visual representation of their Nmap output.

DNSTracer
DNSTracer

Trace the path of a DNS query.

ScopeHunter
ScopeHunter

Command-line tool for finding in-scope targets for bug bounty programs.

radare2
radare2

UNIX-like reverse engineering framework and command-line toolset.

katoolin3
katoolin3

Get your favourite Kali Linux tools on Debian/Ubuntu/Linux Mint.

PipeViewer
PipeViewer

A tool that shows detailed information about named pipes in Windows.

Unicornscan
Unicornscan

An asynchronous TCP and UDP port scanner.

Wordsmith
Wordsmith

Assist with creating tailored wordlists, mostly based on geolocation.

KeyTabExtract
KeyTabExtract

Extracts Key Values from .keytab files.

Onex
Onex

Hacking tools installer and package manager for hackers.

autochrome
autochrome

A shiny new copy of Chromium that will bring colors in your hunt.

Up HTTP Server
Up HTTP Server

Simple HTTP listener for security testing.

CyberChef
CyberChef

A web app for encryption, encoding, compression and data analysis.

s3reverse
s3reverse

The format of various S3 buckets is convert in one format.

Nessus database export
Nessus database export

Export Nessus results to a relational database for use in reports, analysis, or whatever else.

qsinject
qsinject

Allows you to quickly substitute query string values with regex matches, one-at-a-time.

burp-exporter
burp-exporter

Copy a Burp Suite request to a file or the clipboard as multiple programming languages functions.

haktldextract
haktldextract

Extract domains/subdomains from URLs en masse.

exfilkit
exfilkit

Data exfiltration utility for testing detection capabilities.

Transformations
Transformations

Understand how input is transformed on a system, which can help to craft payloads.

differer
differer

differer finds how URLs are parsed by different languages in order to help bug hunters break filters.

nmap-query-xml
nmap-query-xml

A simple program to query nmap XML files in the terminal.

rate-limit-checker
rate-limit-checker

Check whether the domain has a rate limit enabled.

PortBender
PortBender

A TCP port redirection utility that allows inbound traffic redirection.

rush
rush

A cross-platform command-line tool for executing jobs in parallel.

Interlace
Interlace

Turn single threaded command line applications into a fast, multi-threaded application.

uro
uro

Declutters url lists for crawling/pentesting.

Nmap
Nmap

The network mapper.

Masscan
Masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.