Footprinting 🦶🏻 and Reconnaissance 🕵🏻‍♂️

Repository	Description
Autopsy	Fast though an affordable incident response software.
Bulkextractor	Forensic investigation tool for many tasks such as malware and intrusion.
Media Acquistion	Visits that came from someone going to your site from organic search results.
Toolsley	No-hassle tools that are for verifying, hashing, generating and identifying multiple formats of data files.

Scanning Networks 🔍

Repository	Description
Nmap	A free and open source (license) utility for network discovery and security auditing.
Wireshark	The world’s foremost and widely-used network protocol analyzer.

Enumeration 📖

Repository	Description
Network Map	Designed to rapidly scan large networks, but works fine against single hosts.
Dracnmap	Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap.
Port scanning	Enables port scanning your entire network to determine which ports on your network are open and what services are running on them.
Xerosploit	A pentesting toolkit whose goal is to perform man in the middle attacks for testing purposes.
RED HAWK
ReconSpider	Framework for scanning IP Address, Emails, Websites, Organizations.
Infoga - Email OSINT	A tool gathering email accounts informations from different public sources.
ReconDog	Main Features = Wizard + CLA interface, extracts targets from STDIN (piped input) and act upon them.
Striker	Recon & Vulnerability Scanning Suite.
SecretFinder	Written to discover sensitive data like apikeys, accesstoken, authorizations, jwt in JavaScript files.
Port Scanner	Converts an unordered list of ports on separate lines in a numerical order.
Breacher	A script to find admin login pages and EAR vulnerabilites.

System Hacking 🧑🏼‍💻

Repository	Description
Setoolkit	An open-source penetration testing framework designed for social engineering.
SocialFish	A program designed to know social media stats and information related to an account.
HiddenEye	Multi-featured tool for human mistakes exploitation.
Evilginx2	A man-in-the-middle attack framework used for phishing login credentials along with session cookies.
I-See_You	Tool to find the exact location of the users during social engineering or phishing engagements.
SayCheese	Take webcam shots from target just sending a malicious link.
QR Code Jacking	Port Forwarding using Ngrok or Serveo.
BlackPhish	Super lightweight with many features and blazing fast speeds.

Payload Creation 📦

Repository	Description
The FatRat	Provides An Easy way to create Backdoors and Payload which can bypass most anti-virus.
Brutal	Quickly create various powershell attack, virus attack and launch listener for a Human Interface Device.
MSFvenom Payload Creator	A wrapper to generate multiple types of payloads, based on users choice.
Venom Shellcode Generator	Built to take advantage of apache2 webserver to deliver payloads (LAN).
Mob-Droid	Generate metasploit payloads in easy way without typing long commands and save your time.
Enigma	Multiplatform payload dropper.

Sniffing 🐶

Repository	Description
OpenVAS	A full-featured vulnerability scanner.
Nikto	An Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items.
Wapiti	Audit the security of your websites or web applications.
Metasploit	Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments.
Maltego	Graphical link analysis tool for gathering and connecting information for investigative tasks.
Canvas	Makes available hundreds of exploits, an automated exploitation system.
Sn1per	An automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
Lazyrecon	Is intended to automate some tedious tasks of reconnaissance and information gathering.
Osmedeus	Run the collection of awesome tools to reconnaissance and vulnerability scanning against the target.
Reconness	Exploit the targets using one specific kind of vulnerability.
IronWASP	Used for web application vulnerability testing.

Social Engineering 📱

Repository	Description
Awesome Social Engineering	List of awesome social engineering resources.

Denial Of Service 🛠

Repository	Description
Asyncrone	Multifunction SYN Flood DDoS Weapon.
UFOnet	Cryptographic -disruptive toolkit- that allows to perform DoS and DDoS attacks.
GoldenEye	An HTTP DoS Test Tool.

Session Hijacking 💽

Repository	Description
Debinject	Inject malicious code into .debs
Pixload	Set of tools for hiding backdoors creating/injecting payload into images.

Evading IDS, Firewalls and Honeypots 🐝

Repository	Description
Bluetooth Honeypot	The system allows monitoring of attacks via a graphical user interface.
Kippo	SSH honeypot designed to log brute force attacks.
MushMush	The foundation is dedicated to the advancement and development of open source software.
Formidable Honeypot	Easy, non-instrusive SPAM protection.
Elastic Honey	A Simple Elasticsearch Honeypot.
Honey Thing	A honeypot for Internet of TR-069 routers/devices.

Hacking Web Applications 🧑🏼‍💻

Repository	Description
Awesome Web Hacking	A collection of tools used for SQL Injections and hacking websites.

SQL Injection 💉

Repository	Description
Sqlmap tool	Automates the process of detecting and exploiting SQL injection flaws.
NoSqlMap	Audit for as well as automate injection attacks and exploit default configuration weaknesses in databases.
Damn Small SQLi Scanner	SQL injection vulnerability scanner written in under 100 lines of code.
Explo	A simple tool to describe web security issues in a human and machine readable format.
Blisqy	Blind SQL injection on HTTP Headers and also exploitation of the same vulnerability.
Leviathan	A mass audit toolkit which has wide range service discovery, brute force, etc.
SQLScan	Quick web scanner for find an sql inject point on a website.

Hacking Wireless Networks 🕸

Repository	Description
WiFi-Pumpkin	A powerful framework which allows and offers security researchers, to mount a wireless network to conduct MITM.
pixiewps	Used to bruteforce offline the WPS PIN exploiting the low or non-existing entropy of some software implementations
Bluetooth Honeypot GUI Framework.	Allows monitoring of attacks via a GUI that provides graphs, lists, a dashboard and further detailed analysis from log files.
Fluxion	It's a remake by Mr. SAGE with less bugs and more functionality.
Wifiphisher	A Framework for conducting red team engagements or Wi-Fi security testing.
Wifite	Designed to use all known methods for retrieving the password of a wireless access point (router).
EvilTwin	A script to perform Evil Twin Attack, by getting credentials using a Fake page and Fake Access Point.
Fastssh	Performs multi-threaded scan and brute force attack against SSH protocol using the most commonly credentials.

Hacking Mobile Platforms 📱

Repository	Description
Keydroid	Android Keylogger + Reverse Shell.
MySMS	Script that generates an Android App to hack SMS through WAN.
Lockphish (Grab target LOCK PIN)	The first tool (05/13/2020) for phishing attacks on the lock screen.
DroidCam (Capture Image)	Generates different phishing links of wishing or custom sites which can grab victim's front camera pictures.
EvilApp (Hijack Session)	Script to generate Android App that can hijack autenticated sessions in cookies.
HatCloud(Bypass CloudFlare for IP)	It makes bypass in CloudFlare for discover the real IP.

IoT Hacking 🤖

Repository	Description
Vehicle Security	A curated list about vehicle security, car hacking, and tinkering with the functionality of your car.

Cryptography 🔒

Repository	Description
Awesome Cryptography	A curated list of cryptography resources and links.