ClassyShark
Inspects Android binaries showing classes, methods, dependencies, and more.
WhatsAnalyze
Open-source tool to analyze WhatsApp chats and generate PDFs. Run locally or access the hosted version at whatsanalyze.com fully transparent on GitHub.
CyberPhish
Customizable phishing tool with social media email templates for educational purposes.
Barrion
Automated scans to detect flaws in websites, web apps, and APIs no setup needed.
Synergy Httpx
Python HTTP(s) server for red teaming, receives POST data and serves dynamic content.
vulnerable-AD
Creates a vulnerable Active Directory environment for local lab attack testing.
Oblivion
Monitors real-time data leaks and alerts if user credentials have been exposed.
rekono
Automates pentests by combining tools, sending results, and integrating with Defect-Dojo.
Exiv2
C++ library & CLI utility to manage image metadata (Exif, IPTC, XMP, ICC).
emp3r0r
Advanced post-exploitation framework for Linux/Windows with integrated C2 capabilities.
PrivacyNet
Routes all traffic and DNS via Tor using iptables to anonymize network connections.
The Sleuth Kit
CLI tools and C library to analyze disk images and recover files; used by Autopsy and others.
SysWhispers2
Generates direct syscall headers/ASM for evasion and privilege escalation in post-exploitation.
Nighthawk C2
Stealth C2 framework with evasive beacon for Red Team in monitored environments.
CHAOS
Free and open-source Remote Administration Tool (RAT) to control remote operating systems.
Google Safe Browsing
Google Safe Browsing is a tool by Google that enhances online security by identifying and warning users about potentially dangerous websites.
shuffledns
Massdns wrapper for subdomain bruteforce and resolution with wildcard handling support.
Jarvis-GPT
Interacts with ChatGPT by voice, performs computer commands, and plays music.
ImmuniWeb
Free app/API security, phishing detection, and dark web monitoring for awareness and safety.
httpx
Fast HTTP toolkit for reliable probing using multi-threading and retryable HTTP requests.
vermilion
CLI tool for rapid collection and optional exfiltration of sensitive info from Linux systems.
Censys Enumeration
Extracts subdomains and emails using Censys TLS certificate data.
Burp Encode IP
Burp extension encoding IPs to test SSRF, RFI, and open redirect flaws.
