Script that allows you to get your reverse quickly.

Wordlist Generator

A very simple persistence script generator

A simple script for extract all vulnerable plugins form the wordpress site.

Automation of advanced Google queries to locate potentially sensitive information and security vulnerabilities in a domain.

Helper script for checking SUID/SUDO permissions against GTFOBin data.

Current parsers to help convert some popular pentest tools to CSV onevault file formats.

Simple python script for Information Gathering.

Search for known vulnerabilities in software using software titles or a CPE 2.3 string

Okadminfinder rewrite by Xnuvers007

A Python-based password brute-forcer that leverages the webbot library

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once

A tool for recovering server credentials from a pgadmin4 database

All In One, Fast, Easy Recon Tool

WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.

Enumerate a target Based off of Nmap Results

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)