Security engineer, internet sleuth and builder of tools.
gitrob. Reconnaissance tool for GitHub organizations
6.2kaquatone. A Tool for Domain Flyovers
5.9kdrawio-threatmodeling. Draw.io libraries for threat modeling diagrams
800css3buttons. Simple CSS3 framework for creating GitHub-style buttons
688birdwatcher. Data analysis and OSINT framework for Twitter
416searchpass. A simple tool for offline searching of default credentials for network devices, web applications and more.
169hugo-theme-til. A Hugo theme focused on simplicity and readability, and content discovery.
156gokiburi. Automatic test runs for Go projects
142bucketlist. Amazon S3 bucket spelunking!
87maltego. Custom Maltego transforms
69hibp. A simple tool to check a bunch of email addresses against the Have I Been Pwned API.
68diceware. Generate secure passphrases with the Diceware method
59hackpad. A web application hacker's toolbox. Base64 encoding/decoding, URL encoding/decoding, MD5/SHA1/SHA256/HMAC hashing, code deobfuscation, formatting, highlighting and much more.
54nmap-scripts. A collection of Nmap NSE scripts that I made.
31wikiranger. Gather information on Wiki contributions from IP ranges
23easywins. Probe a web server for common files and endpoints that are useful for gathering information or gaining a foothold.
23dia-attacktree. Attack Tree modeling sheet for Dia
20chart. Command-line tool for rendering bar charts that can be displayed directly in the terminal or in text-based files like Markdown.
19dolus. Firefox Addon to fool websites with spoofed X-Forwarded-For headers
18tmpl. Simple tmux session management.
16SecLists. SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
15nmunch. A passive network discovery tool that finds live network nodes by analyzing ARP and broadcast packets.
14obsidian-writing-style. Write like a pro with the Vale writing style linter.
14michenriksen.github.io. Personal website
9wifiphisher. Automated phishing attacks against WiFi networks
9changeme. A default credential scanner.
9dia-dfd. DFD diagramming sheet for Dia
9OSINT-Framework. OSINT Framework
7typogenerator. Golang string typosquatting generator
7webappurls. A public list of URLs generally useful to webapp testers and pentesters
7sectaskbars. Security Product Taskbar Icons (to identify from screenshots)
6tatt. A versatile CLI tool that makes it easy to render Go templates with dynamic data from YAML, JSON, or TOML files.
5gitleaks. Protect and discover secrets using Gitleaks 🔑
5WordpressPingbackPortScanner. WordpressPingbackPortScanner
5pkgdmp. A simple go code analysis CLI tool.
5pdf-redact-tools. a set of tools to help with securely redacting and stripping metadata from documents before publishing
5til-example-site. Demo site for the Today I Learned Hugo theme.
4handbook. The CryptoParty Handbook
4epubinfo. Extracts metadata information from EPUB files. Supports EPUB2 and EPUB3 formats.
4Amass. In-depth Attack Surface Mapping and Asset Discovery
3httprobe. Take a list of domains and probe for working HTTP and HTTPS servers
3inspectra. A simple web app for data inspection.
3dns. DNS library in Go
2kickstart.nvim. A launch point for your personal nvim configuration
2huh. Build terminal forms and prompts 🤷🏻♀️
2wappalyzergo. A high performance go implementation of Wappalyzer Technology Detection Library
2go-git. A highly extensible Git implementation in pure Go.
2wtf. The personal information dashboard for your terminal
2scanner_user_agents. A list of user agents belonging to common web scanners.
2nuclei-templates. Community curated list of templates for the nuclei engine to find a security vulnerability in application.
2nsjail. A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)
2ffuf. Fast web fuzzer written in Go
2banshee. A speedy tool for combining and compressing your JavaScript, CoffeeScript, CSS and LESS source files
2hugoThemesSiteBuilder. The source for https://themes.gohugo.io
1twitter_ebooks. Better Markov chains for all your friends~
1tree-sitter-svelte. Svelte grammar for tree-sitter
1