This is your work, valued
cloud_enum. Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
2.1klinkedin2username. OSINT Tool: Generate username lists for companies on LinkedIn
1.8kpassphrase-wordlist. Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
1.4kdirty_sock. Linux privilege escalation exploit via snapd (CVE-2019-7304)
683evil-ssdp. Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
443uptux. Linux privilege escalation checks (systemd, dbus, socket fun, etc)
300pentest-methodology. Short checklists for penetration testing methodology
199lxd_root. Linux privilege escalation via LXD
143lyricpass. Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
101pentest-tools. General stuff for pentesting - password cracking, phishing, automation, Kali, etc.
91RTAP. Red Team Assessment Platform - reporting, visualizations, and analytics for cybersecurity red teams
34switcheroo. Universal LAN-based SSRF Attack Primitive
19pyshell. Simple netcat-like binary for Windows, created with python and py2exe.
13SecLists. SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
11abrt_root. Privilege escalation in Fedora Linux via ABRT (Automatic Bug Reporting Tool): CVE-2025-12744
7urban-dictionary-word-list. Script and sample dataset of all urban dictionary entry names (around 1.4 million total)
5MemPG. Memorable Passphrase Generator - create secure random passphrases that sound like sentences
4attack-flow. Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
3gitrob. Reconnaissance tool for GitHub organizations
2metasploit-framework. Metasploit Framework
2nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.
1dhcp4. DHCP4 library written in Go.
1andrankEnum. Tool to get the top android apps for bug bounty purpose
1PiHoleBlocklist. PiHole and AGH Blocklists
1