EMBA - The firmware security analyzer

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

Asset inventory of over 800 public bug bounty programs.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

My subdomain enumeration script. It's unique in the way it is built upon.

Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Bringing you the best of the worst files on the Internet.

An OSINT tool to find contacts in order to report security vulnerabilities.

Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty

Secret and/or credential patterns used for gf.

Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits but also gather all the technology running behind them for further investigation for a potential target.

A Bind9 server for pentesters to use for Out-of-Band vulnerabilities

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

Build your own reconnaissance system with Osmedeus Next Generation

SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!

Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Operational Security utility and automator.