holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

Python 10,221 1,218 Updated Sep 10, 2024

pwndbg / pwndbg

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Python 10,120 1,193 Updated Feb 22, 2026

blacklanternsecurity / bbot

The recursive internet scanner for hackers. 🧡

Python 9,439 770 Updated Feb 22, 2026

0xInfection / Awesome-WAF

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥

Python 7,370 1,163 Updated Aug 28, 2025

p1ngul1n0 / blackbird

An OSINT tool to search for accounts by username and email in social networks.

Python 5,700 648 Updated Jul 13, 2025

RhinoSecurityLabs / pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Python 5,069 773 Updated Feb 20, 2026

swisskyrepo / SSRFmap

Automatic SSRF fuzzer and exploitation tool

Python 3,486 565 Updated Sep 4, 2025

almandin / fuxploider

File upload vulnerability scanner and exploitation tool.

Python 3,301 516 Updated May 8, 2025

xnl-h4ck3r / waymore

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!

Python 2,542 282 Updated Feb 7, 2026

onekey-sec / unblob

Extract files from any kind of container formats

Python 2,432 99 Updated Feb 20, 2026

cider-security-research / cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

Python 2,199 390 Updated Jul 14, 2024

spyboy-productions / CloakQuest3r

Open-source security research tool for identifying origin IP exposure of websites protected by Cloudflare and similar reverse proxy services.

Python 2,099 292 Updated Jan 6, 2026

Nekmo / dirhunt

Find web directories without bruteforce

Python 1,978 271 Updated Oct 29, 2023

GitGuardian / ggshield

Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.

Python 1,912 186 Updated Feb 20, 2026

p4-team / ctf

Ctf solutions from p4 team

Python 1,835 261 Updated Sep 18, 2024

WangYihang / GitHacker

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

Python 1,609 244 Updated Oct 31, 2025

BishopFox / GitGot

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Python 1,546 217 Updated Mar 7, 2024

s0md3v / uro

declutters url lists for crawling/pentesting

Python 1,526 168 Updated Feb 23, 2025

hellman / xortool

A tool to analyze multi-byte xor cipher

Python 1,476 182 Updated May 21, 2025

m4ll0k / Atlas

Quick SQLMap Tamper Suggester

Python 1,396 277 Updated Jul 18, 2022

SpiderLabs / HostHunter

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Python 1,156 193 Updated Mar 30, 2023

deibit / cansina

Web Content Discovery Tool

Python 908 235 Updated Jun 7, 2024

r0075h3ll / Oralyzer

Open Redirection Analyzer

Python 811 112 Updated Mar 5, 2023

Zeecka / AperiSolve

Steganalysis web platform

Python 785 94 Updated Feb 21, 2026

danigargu / heap-viewer

IDA Pro plugin to examine the glibc heap, focused on exploit development

Python 765 88 Updated Jul 25, 2022

0xb0bb / pwndra

A collection of pwn/CTF related utilities for Ghidra

Python 701 43 Updated Sep 10, 2024

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving to...

Python 660 88 Updated Sep 19, 2025

trufflesecurity / force-push-scanner

Scan for secrets in dangling commits on GitHub using GH Archive data.

Python 457 35 Updated Jul 3, 2025

Daniel Púa (devploit) devploit

Organizations

Lists (11)

BlueTeam

Cloud

CTF

Hardware

Malware

Mobile

OSINT

Pwn/Reversing

Recon

RedTeam

WebHacking

Stars