- Tools
- Active Directory
- Cloud Pentesting
- Cryptography
- File Inclusion
- Networking
- Note Taking
- Open Redirect
- OSINT
- Proxy and Scanners
- Reversing
- Server-Side Request Forgery (SSRF)
- Social Engineering Tools
- Steganography
- Subdomain
- SQL Injection
- Template Injection
- XML external entity (XXE) injection
- Wordlists
- Other Important
- Hashidentifier: hashid
- Ares
- quipqiup Auto Cipher Decoder
- CryptoS.py
- Cipher Identifier
- Symbol Cipher List
- Cook Decoder
- Cryptii
- Hash Identifier
- Zero Byte Decoder Online
- Zero Width Char Encoder 1
- Zero Width Char Encoder 2
- RSA CTF Tool
- All ROT
- Cherry Tree FOSS Note Taking
- draw.io
- EverNote Free
- Name to Social Media
- Face Image Search
- Image Time
- geospy.ai
- Dark Web OSINT Tools
- Location
- File Match Search: FileChef, File Search Engine, de digger, SearchFiles.de, NAPALM FTP Indexer, FileListing
- Telegram Bot List
- News by Location: Instagram Locations, Snapchat Map
- mitmproxy
- Burp Suite
- OWASP ZAP
- See-SURF
- AllThingsSSRF
- ssrf-sheriff
- Burpsuite Extension: Collaborator Everywhere
- AperiSolve
- strings file.wav
- exiftool file.wav
- exiv2 file.wav
- foremost -i file.wav
- binwalk --dd ".*" file.wav
- steghide extract -sf file.wav
- stegseek
- outguess -r file.mp3 output.txt
- OpenStego
- Steganography (Image)
- Image Steganography
- Stegsolve
- python3 -m pip install stegpy
- WavSteg
- Spectogram Tools: Audacity, Sonic Visualiser, Spectrum Analyzer, sciencemusic
curl -s https://raw.githubusercontent.com/ZishanAdThandar/pentest/main/scripts/subauto.sh | bash -s domain.comcurl -s "http://web.archive.org/cdx/search/cdx?url=*.hackerone.com/*&output=text&fl=original&collapse=urlkey" | sort | sed -e 's_https*://__' -e "s//.//" -e 's/:.//' -e 's/^www.//' | uniq- Subdomain Takeover
- PayloadsAllTheThings
- SecLists
- FuzzDB
- api worlist
- rockyou.txt