Subrake - A Powerful Subdomain Scanner & Validator Written in sockets and requests which makes it a lot more faster and easier to manage. It works by

Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to decompile the original apk file

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.

Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and remediation times. The

Passer can work off a live packet capture or from a pcap file (command line parameter, see examples below). It reports live services and clients, ethernet

Aaia (pronounced as shown here) helps in visualizing AWS IAM and organizations in a graph format with help of Neo4j. This helps in identifying the outliers

SANS Attack surfaces, tools and techniques cheat sheet | by SANS h9-cheatsheet cheatsheet Download PDF

TorBot is an open source intelligence tool developed in python. The main objective of this project is to collect open data from the deep web (aka dark web)

IoTShark aims to provide a fully automated solution for a user to monitor their IOT devices by simply running a single script. The user merely has to select

DroneSploit was created by Alexandre D’Hondt and Yannick Pasquazzo. The project is still in the development stage, as both developers are working to improve

Incident response is the organized practice of responding to cyber security events. These processes are typically organized into an incident response plan,

There are many Command and Control Frameworks for Pentesters and Red Teamers to use. Covenant is a nice .NET based C2 environment that works great on Kali

To do its magic, WAFW00F does the following:

TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to

Stowaway is Multi-hop proxy tool for security researchers and pentesters. Users can easily proxy their network traffic to intranet nodes (multi-layer).

Mapping injection is a process injection technique that avoids the usage of common monitored syscall VirtualAllocEx and WriteProcessMemory.

Hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It can be used to discover: