The OSINT Framework is a powerful collection of tools and methods designed for open-source intelligence gathering. This framework covers a wide range of categories to help security researchers, investigators, and analysts uncover crucial information effectively.

DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficiently. The tool generates multiple Google Dork search queries for a given domain and opens them in new browser tabs to help identify potential vulnerabilities.

Physical penetration testing is a critical aspect of security assessment that involves simulating real-world attacks to evaluate the effectiveness of physical security controls.

A powerful collection of tools designed for social engineering research, penetration testing, and security awareness training. These tools help security researchers understand human manipulation tactics and improve defense mechanisms.

A powerful Bash script for extracting URLs and API endpoints from HTML, JavaScript, and JSON content of web pages. Designed for security researchers, bug bounty hunters, and developers to streamline endpoint discovery. Simple to use, supports single or multiple URLs, and offers file-saving capabilities.

HACKING BOT is an automated bug bounty tool that streamlines security testing by running multiple cybersecurity tools in parallel. It allows you to customize the tools list and automate reconnaissance, scanning, exploitation, and post-exploitation analysis.

BugBoard: A comprehensive open-source cybersecurity tool for vulnerability detection and bug hunting.

Web History Analysis is an advanced tool for classifying and categorizing URLs from browser history logs using machine learning techniques.

CorsScan 🛡️ is a Bash script designed to detect and analyze CORS misconfigurations in web applications. With its efficient concurrency and detailed output, it empowers developers and security researchers to identify potential vulnerabilities in Access-Control headers, ensuring robust web security.

Email Filter is a command-line tool designed to clean and filter email lists by removing unwanted or invalid emails, removing duplicates, and keeping only the most useful email for each domain (such as contact@ or info@). It also handles noisy lines and extracts only valid emails from messy inputs.

This repository is a comprehensive collection of SQL Injection Payloads designed for educational, research, and testing purposes. It includes a wide variety of payloads for different SQLi techniques.

Alive is a fast and concurrent URL checker that identifies live domains returning HTTP 200 OK status. It supports single URLs and bulk lists, bypasses WAF protections using random user agents, and offers optional saving of results.

Exposed File Finder is a lightweight and efficient Bash script designed to enhance web application security by identifying exposed files in HTML, JavaScript, and JSON code. It helps developers and security researchers uncover potential vulnerabilities and sensitive information in websites or hosted GitHub repositories.

Email Finder is a powerful and fast Python-based tool designed to extract email addresses from websites. It helps security researchers, penetration testers, and web analysts quickly discover contact information from target websites by scanning common contact endpoints.

YogSec specializes in web application security, offering tailored solutions to help startups protect their digital presence. Our mission is to build a safer digital ecosystem for businesses to thrive.

Malicious-Website-Demo is a cybersecurity demonstration project that simulates common web vulnerabilities in a controlled environment. Built with a red danger-themed design, this website showcases scenarios like malicious redirects and landing pages to educate researchers and enthusiasts about online threats.

A collection of various Open Redirect payloads for security researchers, penetration testers, and bug bounty hunters.