1- distorm
- Powerful Disassembler Library For x86/AMD64.

2- BeeLogger
- Generate Gmail Emailing Keyloggers to Windows..

3- WhatWeb
- Next generation web scanner.

4- ADB-Toolkit
- ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!.

5- pybluez
- Bluetooth Python extension module.

6- HT-WPS-Breaker
- HT-WPS Breaker High Touch WPS Breaker .

7- johnny
- The GUI frontend to the John the Ripper password cracker.

8- sslyze
- Current development of SSLyze now takes place on a separate repository.

9- XSStrike
- Most advanced XSS scanner..

10- XSStrike
- Most advanced XSS scanner..

11- kalibrate-rtl
- fork of http://thre.at/kalibrate/ for use with rtl-sdr devices.

12- Pybelt
- The hackers tool belt.

13- GoblinWordGenerator
- Python wordlist generator .

14- joomscan
- OWASP Joomla Vulnerability Scanner Project.

15- plecost
- Plecost - Wordpress finger printer Tool .

16- noisy
- Simple random DNS, HTTP/S internet traffic noise generator.

17- peepdf
- Powerful Python tool to analyze PDF documents.

18- CrawlBox
- Easy way to brute-force web directory..

19- WAScan
- WAScan - Web Application Scanner.

20- httptunnel
- Bidirectional data stream tunnelled in HTTP requests..

21- Breacher
- An advanced multithreaded admin panel finder written in python..

22- koadic
- Koadic C3 COM Command & Control - JScript RAT.

23- Gloom-Framework
- Gloom-Framework :: Linux Penetration Testing Framework.

24- deblaze
- Performs method enumeration and interrogation against flash remoting end points..

25- wfdroid-termux
- Android Terminal Web-Hacking Tools.

26- termux-fedora
- A script to install a Fedora chroot into Termux.

27- pixiewps
- An offline Wi-Fi Protected Setup brute-force utility.

28- killchain
- A unified console to perform the "kill chain" stages of attacks..

29- Simple-Fuzzer
- Simple Fuzzer is a simple config-file driven block/mutation based fuzzing system.

30- The-Eye
- Simple security surveillance script for linux distributions..

31- DSXS
- Damn Small XSS Scanner.

32- Hatch
- Hatch is a brute force tool that is used to brute force most websites.

33- DSVW
- Damn Small Vulnerable Web.

34- Zerodoor
- A script written lazily for generating cross-platform backdoors on the go : .

35- zeroeye
- Key Generator v1.66.

36- shellstack
- A PHP Based Tool That Helps You To Manage All Your Backdoored Websites Efficiently..

37- uidsploit
- The Uidsploit Framework | Penetration Test Tool.

38- morpheus
- Morpheus - Automating Ettercap TCP/IP MITM-hijacking Tool .

39- xsser
- Cross Site "Scripter" aka XSSer is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications..

40- lscript
- The LAZY script will make your life easier, and of course faster..

41- EvilURL
- Generate unicode evil domains for IDN Homograph Attack and detect them..

42- proxystrike
- Automatically exported from code.google.com/p/proxystrike.

43- sqlmate
- A friend of SQLmap which will do what you always expected from SQLmap..

44- Infoga
- Infoga - Email OSINT.

45- shellnoob
- A shellcode writing toolkit.

46- Blazy
- Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF ..

47- CMSmap
- CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs. .

48- ReconCobra
- Complete Automated pentest framework for Information Gathering.

49- mfcuk
- MiFare Classic Universal toolKit MFCUK .

50- DSSS
- Damn Small SQLi Scanner.

51- Findsploit
- Find exploits in local and online databases instantly.

52- Spammer-Grab
- A brand new, awakened version of the old Spammer-Grab..

53- smbmap
- SMBMap is a handy SMB enumeration tool.

54- torshammer
- Tor's hammer. Slow post DDOS tool written in python..

55- cupp
- Common User Passwords Profiler CUPP .

56- Empire
- Empire is a PowerShell and Python post-exploitation agent..

57- AstraNmap
- No description provided

58- LITEDDOS
- This Tool Is Supporting For DDOS Activities, The Way Is Typing Command : $ python2 islddos.py ip port packet example: $python2 islddos.py 104.27.190.77 8080 100 IP target: 104.27.190.77 port: 8080 packet:100 Made In indonesia Indonesia Security Lite.

59- shodanwave
- Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera. .

60- weevely3
- Weaponized web shell.

61- WifiBruteCrack
- Program to attempt to brute force all wifi networks in range of a device, and return a possible set of networks to connect to and the password,.

62- Meterpreter_Paranoid_Mode-SSL
- Meterpreter Paranoid Mode - SSL/TLS connections.

63- Clickjacking-Tester
- A python script designed to check if the website if vulnerable of clickjacking and create a poc.

64- air-hammer
- No description provided

65- AutoPixieWps
- Automated pixieWps python script.

66- Hac
- No description provided

67- WiFi-Pumpkin
- Framework for Rogue Wi-Fi Access Point Attack.

68- Hash-Buster
- Crack hashes in seconds..

69- xerosploit
- Efficient and advanced man in the middle framework.

70- jboss-autopwn
- A JBoss script for obtaining remote shell access.

71- gasmask
- Information gathering tool - OSINT.

72- Metasploit_termux
- No description provided

73- termux-ubuntu
- Ubuntu chroot on termux.

74- hashcat
- World's fastest and most advanced password recovery utility.

75- shimit
- A tool that implements the Golden SAML attack.

76- Crips
- IP Tools To quickly get information about IP Address's, Web Pages and DNS records..

77- binwalk
- Firmware Analysis Tool.

78- instagramCracker
- Full Speed Instagram Cracker.

79- cowpatty
- coWPAtty: WPA2-PSK Cracking.

80- Winpayloads
- Undetectable Windows Payload Generation.

81- Parsero
- Parsero | Robots.txt audit tool.

82- Umbrella
- A Phishing Dropper designed to Pentest..

83- mfterm
- Terminal for working with Mifare Classic 1-4k Tags.

84- wifi-hacker
- Shell Script For Attacking Wireless Connections Using Built-In Kali Tools. Supports All Securities WEP, WPS, WPA, WPA2 .

85- xsmash
- Facebook Hack Box .

86- findomain
- The fastest and cross-platform subdomain enumerator, don't waste your time.

87- bettercap
- The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks..

88- spamchat
- Spam Chat Facebook.

89- hacktronian
- All in One Hacking Tool for Linux & Android.

90- eaphammer
- Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks..

91- admin-panel-finder
- A Python Script to find admin panel of a site.

92- hasherdotid
- Hasherdotid.

93- subscraper
- External pentest and bug bounty tool to perform subdomain enumeration through various techniques. SubScraper will provide information such as HTTP & DNS lookups to aid in potential next steps..

94- Hunner
- Hacking framework.

95- sqliv
- massive SQL injection vulnerability scanner.

96- PyBozoCrack
- A silly & effective MD5 cracker in Python.

97- the-backdoor-factory
- Patch PE, ELF, Mach-O binaries with shellcode NOT Supported .

98- w3af
- w3af: web application attack and audit framework, the open source web vulnerability scanner..

99- maskprocessor
- High-Performance word generator with a per-position configureable charset.

100- Pyrit
- The famous WPA precomputed cracker, Migrated from Google..

101- trape
- People tracker on the Internet: OSINT analysis and research tool by Jose Pino.

102- kojawafft
- newfft.

103- indonesian-wordlist
- Indonesian wordlist.

104- CeWL
- CeWL is a Custom Word List Generator.

105- Lazymux
- termux tool installer.

106- netattack2
- An advanced network scan and attack script based on GUI. 2nd version of no-GUI netattack. .

107- KatanaFramework
- The New Hacking Framework.

108- BadMod
- CMS auto detect and exploit..

109- OSIF
- Open Source Information Facebook.

110- BAF
- Blind Attacking Framework.

111- AUXILE
- Auxile Framework.

112- wirespy
- Framework designed to automate various wireless networks attacks the project was presented on Pentester Academy TV's toolbox in 2017 ..

113- sqlmap
- Automatic SQL injection and database takeover tool.

114- enum4linux
- enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts..

115- TermuxAlpine
- Use TermuxAlpine.sh calling to install Alpine Linux in Termux on Android. This setup script will attempt to set Alpine Linux up in your Termux environment..

116- evilginx2
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.

117- EagleEye
- Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search..

118- HttpLiveProxyGrabber
- Best Proxy Grabber Tool!.

119- RegRipper2.8
- RegRipper version 2.8.

120- ezsploit
- Linux bash script automation for metasploit.

121- ghost-phisher
- Automatically exported from code.google.com/p/ghost-phisher.

122- thc-ipv6
- IPv6 attack toolkit.

123- killerbee
- IEEE 802.15.4/ZigBee Security Research Toolkit.

124- dnsenum
- dnsenum is a perl script that enumerates DNS information.

125- ridenum
- Rid_enum is a null session RID cycle attack for brute forcing domain controllers..

126- zaproxy
- The OWASP ZAP core project.

127- apt2
- automated penetration toolkit.

128- hakkuframework
- Hakku Framework penetration testing.

129- Gemail-Hack
- python script for Hack gmail account brute force.

130- Responder
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. .

131- Vegile
- This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell.

132- weeman
- HTTP server for phishing in python.

133- nk26
- NKosec Encode, 2 side encode. change alphabet to numeric or back numeric to alphabet..

134- termineter
- Smart Meter Security Testing Framework.

135- santet-online
- No description provided

136- RTLSDR-Scanner
- A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library.

137- evilginx
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.

138- D-TECT-1
- D-TECT - Pentesting the Modern Web.

139- EyeWitness
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible..

140- msfpc
- MSFvenom Payload Creator MSFPC .

141- XAttacker
- X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter.

142- TekDefense-Automater
- Automater - IP URL and MD5 OSINT Analysis.

143- SpazSMS
- Send unsolicited messages repeatedly on the same phone number.

144- nikto
- Nikto web server scanner.

145- Mercury
- Mercury is a hacking tool used to collect information and use the information to further hurt the target.

146- Nethunter-In-Termux
- This is a script by which you can install Kali nethunter Kali Linux in your termux application without rooted phone .

147- fierce
- A DNS reconnaissance tool for locating non-contiguous IP space..

148- Planetwork-DDOS
- No description provided

149- zirikatu
- Fud Payload generator script.

150- sqlscan
- Quick SQL Scanner, Dorker, Webshell injector PHP.

151- InSpy
- A python based LinkedIn enumeration tool.

152- dotdotpwn
- DotDotPwn - The Directory Traversal Fuzzer.

153- seeker
- Accurately Locate Smartphones using Social Engineering.

154- bing-ip2hosts
- bingip2hosts is a Bing.com web scraper that discovers websites by IP address.

155- Black-Hydra
- No description provided

156- TheFatRat
- Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection ..

157- sslcaudit
- No description provided

158- cuckoo
- Cuckoo Sandbox is an automated dynamic malware analysis system.

159- slowloris
- Low bandwidth DoS tool. Slowloris rewrite in Python..

160- airgeddon
- This is a multi-use bash script for Linux systems to audit wireless networks..

161- sipvicious
- SIPVicious suite is a set of security tools that can be used to audit SIP based VoIP systems..

162- rdpy
- Remote Desktop Protocol in Twisted Python.

163- capstone
- Capstone disassembly/disassembler framework: Core Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore + bindings..

164- angryFuzzer
- Tools for information gathering.

165- beef
- The Browser Exploitation Framework Project.

166- BruteX
- Automatically brute force all services running on a target..

167- Sublist3r
- Fast subdomains enumeration tool for penetration testers.

168- creddump
- Automatically exported from code.google.com/p/creddump.

169- MyServer
- MyServer is your own localhost web server. you can setup PHP, Apache, Nginx and MySQL servers on your android devices or linux like Ubuntu etc. MyServer is Developed for android terminal like Termux or GNURoot Debian terminal..

170- HiddenEye
- Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services Android-Support-Available .

171- mfoc
- Mifare Classic Offline Cracker.

172- nodexp
- NodeXP - A Server Side Javascript Injection tool capable of detecting and exploiting Node.js vulnerabilities.

173- txtool
- an easy pentesting tool..

174- EggShell
- iOS/macOS/Linux Remote Administration Tool.

175- avet
- AntiVirus Evasion Tool.

176- hash-generator
- beautiful hash generator.

177- Striker
- Striker is an offensive information and vulnerability scanner..

178- snitch
- information gathering via dorks.

179- mitmproxy
- An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers..

180- PadBuster
- Automated script for performing Padding Oracle attacks.

181- DHCPig
- DHCP exhaustion script written in python using scapy network library.

182- doork
- Passive Vulnerability Auditor.

183- zarp
- Network Attack Tool.

184- sslstrip
- A tool for exploiting Moxie Marlinspike's SSL "stripping" attack..

185- CyberScan
- CyberScan: Network's Forensics ToolKit.

186- theHarvester
- E-mails, subdomains and names Harvester - OSINT .

187- commix
- Automated All-in-One OS command injection and exploitation tool..

188- XPL-SEARCH
- Search exploits in multiple exploit databases!.

189- credmap
- The Credential Mapper.

190- EasY_HaCk
- Hack the World using Termux.

191- fern-wifi-cracker
- Automatically exported from code.google.com/p/fern-wifi-cracker.

192- termux-wordpresscan
- No description provided

193- RED_HAWK
- All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers.

194- djangohunter
- Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information..

195- SocialFish
- Educational Phishing Tool & Information Collector .

196- GoogleSearch-CLI
- Search anything on Google without captcha.

197- dmitry
- DMitry Deepmagic Information Gathering Tool .


199- crackle
- Crack and decrypt BLE encryption.

200- openvas
- Open Vulnerability Assessment Scanner.

201- ANDRAX
- ANDRAX is a Penetration Testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution!

202- OWScan
- No description provided

203- wifitap
- wifitap updated for BT5r3.

204- SCANNER-INURLBR
- Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found..

205- OWASP-WebScarab
- OWASP WebScarab.

206- sAINT
- :eye: s AINT is a Spyware Generator for Windows systems written in Java. Discontinued.

207- catphish
- CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM. .

208- webdav
- Simple Go WebDAV server..

209- exploitdb
- The official Exploit Database repository.

210- yersinia
- A framework for layer 2 attacks.

211- secHub
- Python Security/Hacking Kit.

212- killshot
- A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner.

213- nishang
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security. .

214- Th3inspector
- Th3Inspector 🕵️ Best Tool For Information Gathering 🔎.

215- SocialBox
- SocialBox is a Bruteforce Attack Framework Facebook , Gmail , Instagram ,Twitter , Coded By Belahsan Ouerghi.

216- gcat
- A PoC backdoor that uses Gmail as a C&C server.

217- ATSCAN
- Advanced dork Search & Mass Exploit Scanner.

218- FBUPv2.0
- No description provided

219- GINF
- Github information gathering.

220- DKMC
- DKMC - Dont kill my cat - Malicious payload evasion tool.

221- kwetza
- Python script to inject existing Android applications with a Meterpreter payload..

222- WebXploiter
- WebXploiter - An OWASP Top 10 Security scanner !.

223- Dracnmap
- Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands..

224- PiDense
- 🍓📡🍍Monitor illegal wireless network activities. Fake Access Points , WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc. .

225- osrframework
- OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches..

226- FaDe
- Fake Deface.

227- Namechk
- Osint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks..

228- intrace
- Enumeration of IP hops using existing TCP connections.

229- WPSeku
- WPSeku - Wordpress Security Scanner .

230- pydictor
- A powerful and useful hacker dictionary builder for a brute-force attack.

231- xspy
- Record X11 keypress events to a log file.

232- CMSeeK
- CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs.

233- cpscan
- website admin panel finder.

234- bleachbit
- BleachBit system cleaner for Windows and Linux.

235- Intersect-2.5
- Post-Exploitation Framework.

236- crowbar
- Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools. .

237- wafw00f
- WAFW00F allows one to identify and fingerprint Web Application Firewall WAF products protecting a website..

238- brutespray
- Brute-Forcing from Nmap output - Automatically attempts default creds on found services..

239- sir
- Skype Ip Resolver.

240- braa
- Ultra-fast SNMPv1/v2 stack. Get/set/walk tens of thousands of hosts at once..

241- ko-dork
- A simple vuln web scanner.

242- dbd
- Durandal's Backdoor.

243- websploit
- Websploit is an advanced MITM framework..

244- cdpsnarf
- CDPSnarf is a network sniffer exclusively written to extract information from CDP Cisco Discovery Protocol packets. .

245- TrackOut
- Simple Python IP Tracker.

246- leviathan
- wide range mass audit toolkit.

247- GoldenEye
- GoldenEye Layer 7 KeepAlive+NoCache DoS Test Tool.

248- Brutal
- Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device HID attacks . Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device Payload Teensy .

249- wreckuests
- Wreckuests — yet another one hard-hitting tool to run DDoS atacks with HTTP-flood.

250- gobuster
- Directory/File, DNS and VHost busting tool written in Go.

251- Xshell
- ~ Shell Finder By Ⓜ Ⓐ Ⓝ Ⓘ Ⓢ Ⓢ Ⓞ ☪ ~.

252- elpscrk
- A Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v.

253- Striker
- Striker is an offensive information and vulnerability scanner..

254- SH33LL
- SHELL SCANNER.

255- multimon-ng
- No description provided

256- termux-sudo
- A bash script that provides sudo for Termux.

257- KnockMail
- Verify if email exists.

258- Kadabra
- DEPRECATED Kadabra is my automatic LFI Exploiter and Scanner, written in C++ and a couple extern module in Python..

259- Leaked
- Leaked? 2.1 - A Checking tool for Hash codes, Passwords and Emails leaked.

260- Hash-Buster
- Crack hashes in seconds..

261- keimpx
- Check for valid credentials across a network over SMB.

262- IP-FY
- Gathers information about a Particular IP address.

263- fbvid
- Facebook Video Downloader CLI For Linux Systems Coded in PHP.

264- slowhttptest
- Application Layer DoS attack simulator.

265- trojanizer
- Trojanize your payload - WinRAR SFX automatization - under Linux distros.

266- fsociety
- fsociety Hacking Tools Pack – A Penetration Testing Framework.

267- demiguise
- HTA encryption tool for RedTeams.

268- get
- Get is a simple script to retrieve an ip from hostname or vice-versa ..

269- torghost
- Tor anonimizer.

270- Termux-Kali
- Termux-Kali - Install Kali Linux on Android using Termux!.
271- FakeImageExploiter
- Use a Fake image.jpg to exploit targets hide known file extensions .

272- WP-plugin-scanner
- A tool to list plugins installed on a wordpress powered website..

273- Sn1per
- Automated pentest framework for offensive security experts.

274- recon-ng
- Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources..

275- routersploit
- Exploitation Framework for Embedded Devices.

276- Tool-X
- Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other android terminals. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based distributions..

277- Evil-create-framework
- No description provided

278- fbht
- Facebook Hacking Tool.

279- MSF-Pg
- No description provided

280- shell-scan
- Look for a backdoor shell on the website.

281- ExploitOnCLI
- Trying to be the best tool to search for exploits in the terminal..

282- sniffjoke
- a client-only layer of protection from the wiretap/sniff/IDS analysis.

283- roxysploit
- A Hackers framework.

284- sqlmate
- A friend of SQLmap which will do what you always expected from SQLmap..

285- DDosy
- Perform a Ddos attack with Threads Educational purpose .

286- SecLists
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more..

287- reaver-wps-fork-t6x
- No description provided

288- SMBrute
- SMB Protocol Bruteforce.

289- giskismet
- giskismet – Wireless recon visualization tool.

290- dnsrecon
- DNS Enumeration Script.

291- wpscan
- WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites..

292- AutoSploit
- Automated Mass Exploiter.

293- Auxscan
- No description provided

294- AndroBugs_Framework
- AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows..

295- golismero
- GoLismero - The Web Knife.

296- PwnSTAR
- PwnSTAR Pwn SofT-Ap scRipt - for all your fake-AP needs!.

297- ToolB0x
- Hacking Tools :zap:.

298- masscan
- TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes..

299- fbi
- Facebook Information.

300- kickthemout
- 💤 Kick devices off your network by performing an ARP Spoof attack..

301- bbqsql
- SQL Injection Exploitation Tool.

302- HTools
- 50+ Hacking Tools Collection.

303- Stitch
- Python Remote Administration Tool RAT .

304- dedsploit
- Network protocol auditing framework.

305- CHAOS
- :fire: CHAOS is a PoC that allow generate payloads and control remote operating systems..

306- QRLJacking
- QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers..

307- doona
- Network based protocol fuzzer.

308- hURL
- hexadecimal & URL encoder + decoder.

309- hasher
- Hash cracker with auto detect hash.

310- wifresti
- Find your wireless network password in Windows , Linux and Mac OS.

311- PowerSploit
- PowerSploit - A PowerShell Post-Exploitation Framework.

312- faraday
- Collaborative Penetration Test and Vulnerability Management Platform.

313- wifiphisher
- The Rogue Access Point Framework.

314- ReverseAPK
- Quickly analyze and reverse engineer Android packages.

315- CredSniper
- CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens..

316- hammer
- Hammer DDos Script - Python 3.

317- inther
- No description provided

318- LFISuite
- Totally Automatic LFI Exploiter + Reverse Shell and Scanner .

319- IPGeoLocation
- Retrieve IP Geolocation information.

320- Termux-Styling-Shell-Script
- Unofficial Termux Styling Bash .

321- termux-lazysqlmap
- SQLMAP for Lazy People on Termux.

322- Remot3d
- Remot3d: is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors.

323- wfuzz
- Web application fuzzer.

324- Androspy
- Androspy framework is a Backdoor Crypter & Creator with Automatic IP Poisener.

325- social-engineer-toolkit
- The Social-Engineer Toolkit SET repository from TrustedSec - All new versions of SET will be deployed here..

326- websploit
- websploit is an advanced MITM framework.

327- ipwn
- No description provided

328- Dr0p1t-Framework
- A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks.

329- bulk_extractor
- This is the development tree. For downloads please see:.

330- lynis
- Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing HIPAA/ISO27001/PCI DSS and system hardening. Agentless, and installation optional..

331- Cookie-stealer
- Crappy cookie stealer.

332- ReconDog
- Reconnaissance Swiss Army Knife.

333- blackbox
- No description provided

334- Ecode
- Encode / Decode.

335- fluxion
- Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality..

336- LALIN
- this script automatically install any package for pentest with uptodate tools , and lazy command for run the tools like lazynmap , install another and update to new #actually for lazy people hahaha #and Lalin is remake the lazykali with fixed bugs , added new features and uptodate tools . It's compatible with the latest release of Kali Rolling .

337- hulk
- HULK DoS tool ported to Go with some additional features..

338- xl-py
- No description provided

339- BinGoo
- BinGoo! A Linux bash based Bing and Google Dorking Tool.

340- Blazy
- Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF ..

341- rang3r
- rang3r | Multi Thread IP + Port Scanner.

342- fuxploider
- File upload vulnerability scanner and exploitation tool..

343- wifite
- No description provided

344- 4nonimizer
- A bash script for anonymizing the public IP used to browsing Internet, managing the connection to TOR network and to different VPNs providers OpenVPN .

345- qark
- Tool to look for several security related Android application vulnerabilities.

346- wifite2
- Rewrite of the popular wireless network auditor, "wifite".

347- A-Rat
- No description provided

348- jsql-injection
- jSQL Injection is a Java application for automatic SQL database injection..

349- arp-scan
- The ARP Scanner.

350- pwnat
- The only tool and technique to punch holes through firewalls/NATs where both clients and server can be behind separate NATs without any 3rd party involvement. Pwnat uses a newly developed technique, exploiting a property of NAT translation tables, with no 3rd party, port forwarding, DMZ, router administrative requirements, STUN/TURN/UPnP/ICE, or spoofing required..

351- volatility
- An advanced memory forensics framework.

352- fuckshitup
- php-cli vulnerability scanner.

353- netdiscover
- netdiscover.

354- Easymap
- No description provided

355- netattack
- A simple python script to scan and attack wireless networks..

356- Wordpresscan
- WPScan rewritten in Python + some WPSeku ideas.

357- eternal_scanner
- An internet scanner for exploit CVE-2017-0144 Eternal Blue & CVE-2017-0145 Eternal Romance .

358- webpwn3r
- WebPwn3r - Web Applications Security Scanner..

359- LITESPAM
- Berisi Tools Spammer Dengan Berbagai Macam jenis Dengan Limit Tinggi Bahkan Unlimited.

360- onioff
- 🌰 An onion url inspector for inspecting deep web links..