A collection of various awesome lists for hackers, pentesters and security researchers

Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.

Ghidra is a software reverse engineering (SRE) framework

An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

A curated list of rootkits found on Github and other sites.

Metasploit Framework

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

🚀AI拟声: 5秒内克隆您的声音并生成任意语音内容 Clone a voice in 5 seconds to generate arbitrary speech in real-time

Search emails from a domain through search engines

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

If you build software, keep a changelog.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Discord gateway client for transferring events to RabbitMQ queue.

Advanced information gathering & OSINT tool for phone numbers