This is your work, valued
wifijammer. Continuously jam all wifi clients/routers
4.3kLANs.py. Inject code and spy on wifi users
2.6knet-creds. Sniffs sensitive data from interface or pcap
1.9kxsscrapy. XSS spider - 66/66 wavsep XSS detected
1.7kicebreaker. Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
1.2kpymetasploit3. Automation library for Metasploit
409pentest-machine. Automates some pentest jobs via nmap xml file
325dnsspoof. DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
293fakeAP. Create fake AP in Kali with 1 command
271elite-proxy-finder. Finds public elite anonymity proxies and concurrently tests them
250msf-autoshell. Feed the tool a .nessus file and it will automatically get you MSF shell
239creds.py. Harvest FTP/POP/IMAP/HTTP/IRC creds
168fast-recon. Does some google dorks against a domain
166wifi-monitor. Prints the IPs on your local network that're sending the most packets
155device-pharmer. Opens 1K+ IPs or Shodan search results and attempts to login
148msf-autopwn. Autoexploitation of some of the most common vulnerabilities in wild
125search-google. Scrape google search results
94autorelay. Automatically performs the SMB relay attack
73msfbot. WORK IN PROGRESS. Waits for MSF session then automatically gets domain admin
64get_proxy. Py class that returns fastest http proxy
55best-channel. Find wifi channel with least interference
54Invoke-Cats. Obfuscated Invoke-Mimikatz
52SMB-reverse-brute. Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords
51smb-autopwn. Discovers and exploits hosts vulnerable to MS08-067/MS17-010
43Autobloodhound. Automatically parses and attacks BloodHound-generated graphs
43shellshock-hunter. Concurrently test bing results for shellshock vulnerability
42autoresp. Runs Responder, uploads hashes for cracking, alerts when cracked
37FuzzStrings. Simple, hand-picked list of fuzz strings
34crawler.py. async web crawler
31cookiejack. ARP spoof then session jack within your browser
29shellshock-hunter-google. Search google for shellshock vulnerable sites
27nmap-parser. Parses Nmap XML files
25net-sniffer. Sniffs an interface/pcap file and concatenates fragmented packet loads
22MsfWrapper. Asynchronous MSF RPC API wrapper
21shodan-search. Python
19WPSmash. Python
17Probable-Wordlists. Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
16mailspy. Catch IMAP/POP passwords and see incoming and outgoing messages
16arp-ping-detector. ARP ping detector on local network
15SecLists. SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
15flashforge-finder-api. FlashForge Finder 3D Printer API with temperature control
14CrackMapExec. A swiss army knife for pentesting Windows/Active Directory environments
14async-meterpreter-controller. Template for asynchronously controlling meterpreter sessions
13Obf-Cats. Obfuscated Invoke-Mimikatz script
13theHarvester. E-mails, subdomains and names Harvester - OSINT
13search-bing. Search bing with python
12MS17-010. MS17-010
12injecthtml. injecthtml
12postanalyzer. Analyze and log POSTs your machine makes
11metasploit-framework. Metasploit Framework
11joomla-addon-hunter. Find potential SQLi in Joomla URLs
8UfcstatsScraper. Scrapes ufcstats.com for data
8vimrc. My .vimrc
8pystemon. Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
8BestfightoddsScraper. Asynchronously scrape bestfightodds.com for odds data
7Invoke-Pwds. Obfuscated Invoke-PowerDump for SAM hash retrieval
7MMA-parser-for-Sherdog-and-UFC-data. Python web scraper for Sherdog & UFC data. Creates output of your choice in csv or json format.
7arpdet. Detects and deauths arp spoofers automatically. Broken.
5patator. Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
3