Physical penetration testing is a critical aspect of security assessment that involves simulating real-world attacks to evaluate the effectiveness of physical security controls.

A powerful collection of tools designed for social engineering research, penetration testing, and security awareness training. These tools help security researchers understand human manipulation tactics and improve defense mechanisms.

The OSINT Framework is a powerful collection of tools and methods designed for open-source intelligence gathering. This framework covers a wide range of categories to help security researchers, investigators, and analysts uncover crucial information effectively.

HACKING BOT is an automated bug bounty tool that streamlines security testing by running multiple cybersecurity tools in parallel. It allows you to customize the tools list and automate reconnaissance, scanning, exploitation, and post-exploitation analysis.

A powerful Bash script for extracting URLs and API endpoints from HTML, JavaScript, and JSON content of web pages. Designed for security researchers, bug bounty hunters, and developers to streamline endpoint discovery. Simple to use, supports single or multiple URLs, and offers file-saving capabilities.

DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficiently. The tool generates multiple Google Dork search queries for a given domain and opens them in new browser tabs to help identify potential vulnerabilities.

Alive is a fast and concurrent URL checker that identifies live domains returning HTTP 200 OK status. It supports single URLs and bulk lists, bypasses WAF protections using random user agents, and offers optional saving of results.

This repository is a comprehensive collection of SQL Injection Payloads designed for educational, research, and testing purposes. It includes a wide variety of payloads for different SQLi techniques.

Web History Analysis is an advanced tool for classifying and categorizing URLs from browser history logs using machine learning techniques.

CorsScan 🛡️ is a Bash script designed to detect and analyze CORS misconfigurations in web applications. With its efficient concurrency and detailed output, it empowers developers and security researchers to identify potential vulnerabilities in Access-Control headers, ensuring robust web security.

BugBoard: A comprehensive open-source cybersecurity tool for vulnerability detection and bug hunting.

Exposed File Finder is a lightweight and efficient Bash script designed to enhance web application security by identifying exposed files in HTML, JavaScript, and JSON code. It helps developers and security researchers uncover potential vulnerabilities and sensitive information in websites or hosted GitHub repositories.

Email Filter is a command-line tool designed to clean and filter email lists by removing unwanted or invalid emails, removing duplicates, and keeping only the most useful email for each domain (such as contact@ or info@). It also handles noisy lines and extracts only valid emails from messy inputs.

Email Finder is a powerful and fast Python-based tool designed to extract email addresses from websites. It helps security researchers, penetration testers, and web analysts quickly discover contact information from target websites by scanning common contact endpoints.

A collection of various Open Redirect payloads for security researchers, penetration testers, and bug bounty hunters.

Malicious-Website-Demo is a cybersecurity demonstration project that simulates common web vulnerabilities in a controlled environment. Built with a red danger-themed design, this website showcases scenarios like malicious redirects and landing pages to educate researchers and enthusiasts about online threats.

YogSec specializes in web application security, offering tailored solutions to help startups protect their digital presence. Our mission is to build a safer digital ecosystem for businesses to thrive.

A curated list of essential digital forensics tools used for investigation, data recovery, and security analysis. These tools help in disk forensics, memory analysis, network monitoring, malware analysis, and more.