https://github.com/bst04/CyberSources
A curated list of cybersecurity tools and resources.
https://github.com/bst04/CyberSources
List: cybersources
awesome-cybersources awesome-list blueteam-tools course cyber-security cybersecurity cybersources documentation learning osint-tool project redteam-tools repository resources tools
Last synced: 9 months ago
JSON representation
A curated list of cybersecurity tools and resources.
- Host: GitHub
- URL: https://github.com/bst04/CyberSources
- Owner: brunoooost
- License: mit
- Created: 2024-11-06T17:55:58.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-01-15T09:45:33.000Z (over 1 year ago)
- Last Synced: 2025-01-15T10:29:18.972Z (over 1 year ago)
- Topics: awesome-cybersources, awesome-list, blueteam-tools, course, cyber-security, cybersecurity, cybersources, documentation, learning, osint-tool, project, redteam-tools, repository, resources, tools
- Homepage: https://brunoooost.github.io/cybersources/
- Size: 591 KB
- Stars: 584
- Watchers: 16
- Forks: 60
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- ultimate-awesome - cybersources - A curated list of cybersecurity tools and resources. (Other Lists / Monkey C Lists)
- trackawesomelist - Cybersources (⭐636)
- fucking-Awesome-Hacking - Cybersources
- Awesome-Hacking - Cybersources
README
[](https://cybersources.site/?=github)
Welcome to the **Cybersources**! This project serves as a central hub for a wide range of tools, resources, and educational materials designed for cybersecurity professionals, enthusiasts, and learners. Whether you're just starting out or an experienced expert, you'll find everything you need to enhance your skills, stay updated with industry trends, and deepen your knowledge in this fast-evolving field.
**🎉 Join now the discord community (+2k members): https://discord.gg/6s9W3EQApw 🎉**
[](https://discord.gg/HhjhQgnp54)
[](https://www.reddit.com/r/cybersources/)
---
### **Sponsored by:**
---
## [**Check out the website‼️**](https://cybersources.site/)
[](https://cybersources.site/)
## 📋 Content
**OSINT**
* [OSINT](#11--osint)
* [Username Search](#12--username-search)
* [Email Search](#13--email-search)
* [Phone Number Search](#14--phone-number-search)
* [GEOINT](#15--geoint)
* [Photo/Images](#16--photo--images)
* [Social Networks](#17--social-networks)
* [Instagram](#171--instagram)
* [LinkedIn](#172--linkedin)
* [TikTok](#173--tiktok)
* [OnlyFans](#174--onlyfans)
* [Discord](#175--discord)
* [Twitch](#176--twitch)
* [Tinder](#177--tinder)
* [Reddit](#178--reddit)
* [Telegram](#179--telegram)
**Pentesting**
* [Post Explotation](#21--post-explotation)
* [Deobfuscators](#22--deobfuscators)
* [Decompilers](#23--decompilers)
* [Disassembler and debuggers](#24--Disassembler-and-debuggers)
* [Web](#25--web)
* [Network](#26--network)
* [RFID](#-27-RFID)
* [WiFi](#-28-wifi)
* [Bluetooth](#-29-bluetooth)
* [Reconnaissance](#-210-reconnaissance)
* [Bug Bounty](#-211-bug-bounty)
* [Binary Explotation](#-212-binary-explotation)
* [CCTV](#-213-cctv)
**Cryptography**
* [Cryptography](#31--cryptography)
* [Steganographic](#-32-steganographic)
* [Steganalysis](#-33-steganalysis)
**Forensic & Malware Analysis**
* [Forensic](#41--forensic)
* [Hex editors](#42--hex-editors)
* [Execution logging and tracing](#43--execution-logging-and-tracing)
* [Malware Analysis](#-44-malware-analysis)
**Anonymity and Security Tools**
* [Delete Your Trace](#-51-delete-your-trace)
* [Password Managers](#-52-password-managers)
* [VPNs](#-53-VPNs)
* [Privacy and Anonymity](#-54-privacy-and-anonymity)
**Utility & Miscellaneous**
* [Utility](#61--utility)
* [Miscellaneous](#62--miscellaneous)
* [News](#63--news)
* [Search Engines](#64--search-engines)
* [DNS/IP](#65--dnsip)
* [System](#66--system)
**AI Tools**
* [AI Programming](#71--ai-programming)
* [AI Cybersecurity](#72--ai-cybersecurity)
**Specialized Tools**
* [Cryptocurrency](#-81-cryptocurrency)
* [Playbooks](#-82-playbooks)
* [SIEM](#-83-siem)
* [Cracking](#-84-cracking)
**Hardware & Operating Systems**
* [Operating Systems](#-91-operating-systems)
* [Hardware Tools](#-92-hardware-tools)
**Learning & Training Resources**
* [Resources](#--resources)
* [Courses](#--courses)
* [Certifications](#--certifications)
* [Tutorials](#--tutorials)
* [Practice Webs](#-%EF%B8%8F-practice-webs)
* [CTFs - Training](#--ctfs---training)
* [Open-Source Repositories](#--open-source-repositories)
* [Learning Path](#-%EF%B8%8F-learning-path)
* [Projects Based](#-%EF%B8%8F-projects-based)
**Social and Media**
* [Events](#--events)
* [Community](#--community)
* [Podcasts](#-%EF%B8%8F-podcasts)
* [Documentaries](#--documentaries)
* [Books & Papers/Articles](#--books--papersarticles)
* [TV Shows](#-%EF%B8%8F-tv-shows)
* [Youtube Channels](#--youtube-channels)
* [LinkedIn Creators](#--linkedin-creators)
**Repository**
* [Stars History](#-%EF%B8%8F-star-history)
* [Collaborate](#--collaborate)
* [Credits](#--credits)
## 1. [↑](#-content) OSINT
#### 1.1 [↑](#-content) OSINT
| **Tool** | **Description** |
| ------------------------------------------------------------- | --------------------------------- |
| [OsintLabs](https://github.com/iamosinter/OsintLab/tree/main) | Tools and sites useful for osint |
| [OSINT Framework](https://osintframework.com/) | HUGE collection of OSINT tools |
| [Mitaka](https://github.com/ninoseki/mitaka) | Mitaka is a browser extension that makes your OSINTsearch & scan easier|
| [osint.rocks](https://osint.rocks) | A resource for locating and investigating individuals. |
| [Pim Eyes](https://pimeyes.com/en) | Facial recognition tool for reverse image searches. |
| [IntelTechniques](https://inteltechniques.com/tools/Search.html) | Search engine tailored for OSINT investigations across multiple data types. |
| [Cybdetective](https://cybdetective.com/osintmap) | Visual global directory of OSINT tools. |
| [Face Comparison](https://facecomparison.toolpie.com) | Compare facial images to find matches. |
| [OSINT Framework](https://osintframework.com) | Extensive repository of OSINT tools and techniques. |
| [FaceCheckID](https://facecheck.id) | Reverse image lookup specialized in facial recognition. |
| [Social Catfish](https://socialcatfish.com) | Find people using names, images, or other details. |
| [Google Lens](https://lens.google) | AI-powered tool to analyze and extract information from images. |
| [LensoAI](https://lenso.ai/en) | AI-driven platform for reverse image searching. |
| [OSINT Investigation Assistant](https://lambda.black/osint.html)| An OSINT Investigation Assistant designed to help with people investigations |
| [ClatScope](https://github.com/Clats97/ClatScope)|The best and most versatile OSINT utility for retrieving geolocation, DNS, WHOIS, phone, email, data breach information and much more (42 features).|
| [DataSurgeon](https://github.com/Drew-Alleman/DataSurgeon)|It allows for the extraction of various types of sensitive information including emails, phone numbers, hashes, credit cards, URLs, IP addresses, MAC addresses, SRV DNS records and more.|
|[Deep Dork Web](https://guilherme-moraiss.github.io/Deep-Dork-Web/)|Automate Google Dorking for OSINT investigations. Search indexed sensitive data efficiently with pre-built queries.|
|[Digital Digging OSINT](https://digitaldigging.org/osint/)|Collection of OSINT resources are organized by country and are useful for researchers, fact-checkers, and digital profilers.|
|[toposint](https://start.me/p/vjqXe1/toposint-com)|Open Source Intelligence collections and other interests.|
|[The OSINT Rack](https://www.mariosantella.com/the-osint-rack/)|A curated and growing list of open-source intelligence tools; explore resources across recon, social media, metadata, geolocation, and more.|
#### 1.2 [↑](#-content) Username Search
| **Tool** | **Description** |
| ---------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- |
| [UserSearch](https://usersearch.org) | Free tool to search usernames on 2000+ websites. |
| [CheckUser](https://checkuser.vercel.app/) | Search for usernames across social networks. |
| [Digital Footprint Check](https://www.digitalfootprintcheck.com/free-checker.html) | Free tool to verify usernames registered on hundreds of sites. |
| [IDCrawl](https://www.idcrawl.com/username) | Find usernames on popular social networks. |
| [Maigret](https://github.com/soxoj/maigret) | Collect detailed information on individuals using their username. |
| [Name Chk](http://www.namechk.com) | Verify usernames on over 90 social media platforms and 30 domain extensions. |
| [Name Checkr](http://www.namecheckr.com) | Search for domains and usernames across multiple platforms. |
| [Name Checkup](https://namecheckup.com) | Check username and domain availability across social media and websites. |
| [NexFil](https://github.com/thewhiteh4t/nexfil) | Identify usernames across nearly all social network sites. |
| [Seekr](https://github.com/seekr-osint/seekr) | Multi-tool for OSINT data management, note-taking, and username checking. |
| [SherlockEye](https://sherlockeye.io/) | Discover publicly available information tied to a username. |
| [Snoop](https://github.com/snooppr/snoop/blob/master/README.en.md) | Search for nicknames and usernames on the web within the OSINT domain. |
| [Inteltechniques](https://inteltechniques.com) | Collection of OSINT tools for diverse investigations. |
| [League of Legends Archiver](https://lolarchiver.com) | Archive and search past web data, with a focus on low-level intelligence collection. |
| [NameMC](https://namemc.com) | Search and verify Minecraft usernames. |
| [Namevine](https://namevine.com) | A tool to check name availability across various websites. |
| [OSINT-Rocks](https://osint.rocks) | A collection of open-source intelligence tools for various investigative purposes. |
| [Peek You](https://peekyou.com) | Search engine that finds publicly available data about individuals and their online profiles. |
| [Sherlock](https://github.com/sherlock-project/sherlock) | Search for usernames across social media and other websites. |
| [Social Searcher](https://social-searcher.com) | OSINT tool to search social media platforms for public information. |
| [UnAvatar](https://unavatar.io) | Discover avatars tied to an email address across different platforms. |
| [Instant Username](https://instantusername.com/)|Instantly check username availability across multiple platforms as you type.|
| [NamesDir](https://namesdir.com/)|Namesdir is a simple web tool to list most of the existing first names for a surname and vice versa.|
| [Amazon Usernames](https://www.google.com/search?q=site:amazon.com+%3Cusername%3E)|URL for search usernames for Amazon|
| [GitHub Usernames](https://api.github.com/users/%3Cusername%3E/events/public)|URL to find GitHub users.|
| [Tinder Usernames](https://www.gotinder.com/@%3Cusername%3E)|URL to find tinder users.|
#### 1.3 [↑](#-content) Email Search
| Tool | Description |
|-------------------------------------|----------------------------------------------------------------------------------------------|
| [Epieos](https://epieos.com) | Analyze and investigate email addresses. |
| [BreachDirectory](https://breachdirectory.com) | Explore databases of breached email accounts. |
| [MailTester](https://mailtester.com) | Locate email addresses and optimize email deliverability. |
| [MXToolbox](https://mxtoolbox.com) | Troubleshoot and investigate email server issues using free tools. |
| [DeHashed](https://dehashed.com) | Prevent account takeovers with breach notifications and data analysis. |
| [EmailHippo](https://emailhippo.com) | Verify if an email address exists with accuracy. |
| [Ghunt](https://github.com/mxrch/GHunt) | Investigate Google-related emails and associated documents. |
| [Gitrecon](https://github.com/internetwache/GitTools) | Scan GitHub repositories for exposed emails and names. |
| [h8mail](https://github.com/khast3x/h8mail) | Perform local or premium email OSINT and password breach hunting. |
| [Have I Been Pwned](https://haveibeenpwned.com) | Check whether an email address has been exposed in data breaches. |
| [Holehe](https://github.com/megadose/holehe) | Discover accounts linked to email addresses across various platforms. |
| [LeakCheck](https://leakcheck.net) | Search over 7.5B breached entries for emails, usernames, and other data. |
| [ActiveTK.jp](https://activetk.jp) | Obtain Google account information from a Gmail address, such as name, profile image, and services used. |
| [Black Kite](https://blackkite.com) | Cybersecurity tool for assessing third-party risks. |
| [Hudson Rock Cybercrime Intelligence Tools]( https://hudsonrock.com/free-tools/?=cybersources) | Comprehensive tools for cybercrime intelligence and monitoring. |
| [Intelltechniques](https://inteltechniques.com) | Collection of OSINT tools for diverse investigations. |
| [OCCRP Aleph](https://aleph.occrp.org) | Investigative platform for OSINT tools, particularly useful for journalists and activists. |
| [Omail](https://omail.io) | OSINT tool for checking email addresses against multiple online sources. |
| [OSINT-Rocks](https://osint.rocks) | A collection of open-source intelligence tools for various investigative purposes. |
| [Peek You](https://peekyou.com) | Search engine that finds publicly available data about individuals and their online profiles. |
| [Predicta Search](https://predictasearch.com) | Tool that enables users to search for digital data across various online platforms. |
| [Skymem](https://skymem.com) | Email lookup tool that tracks and archives email addresses, searching for data leaks and more. |
| [Synapsint](https://synapsint.com) | OSINT search engine for finding public data across social networks and websites. |
| [That's Them](https://thatsthem.com) | Provides a quick search for people and email addresses to locate social profiles and data. |
| [Whoisology](https://whoisology.com) | OSINT platform used for investigating domain ownership, email addresses, and IP data. |
| [Ashley Madison Emails](https://ashley.cynic.al/)|Was your profile compromised in the Ashley Madison hack?|
| [MailBox Validator](https://www.mailboxvalidator.com/demo)|Validate and clean your email list by detecting disposable emails, invalid emails, mail server and much more.|
| [EmailRep](https://emailrep.io/)|Illuminate the "reputation" behind an email address|
| [ReadNotify](https://www.readnotify.com/)|ReadNotify lets you know when email you've sent gets read!|
| [MailScrap](https://mailscrap.com/)|This email verification tool actually connects to the mail server and checks whether the mailbox exists or not, wipeout disposable email addresses from your email list.|
| [Check-if-email-exists](https://github.com/reacherhq/check-if-email-exists)|Check if an email address exists without sending any email, written in Rust. Comes with a ⚙️ HTTP backend.|
| [OneLook](https://www.onelook.com/reverse-dictionary.shtml)|Enter a word, phrase, description, or pattern above to find synonyms, related words, and more.|
| [Email Permutator](http://metricsparrow.com/toolkit/email-permutator/)|This tool is intended to help you find the email addresses of people you need to contact.|
| [Toofr](https://www.toofr.com/)|Find Anyone’s Email Address in Seconds. Instantly connect with decision-makers that matter to your business.|
| [Skymem](https://www.skymem.info/)|Find email addresses of companies and people|
| [the Harvester](https://github.com/laramies/theHarvester)|E-mails, subdomains and names Harvester - OSINT|
| [Voilanobert](https://www.voilanorbert.com/)|I can find anyone's email address|
| [Hunter](https://hunter.io/)|Hunter is your all-in-one email outreach platform.|
| [SingalHire](https://www.signalhire.com/)|Find Valid Emails and Phone Numbers|
| [LeakRadar](https://leakradar.io/)|Instant search across 2 B+ plain-text info-stealer credentials; email, domain, metadata queries, monitoring & API|
| [Have I Been Ransom](https://haveibeenransom.com/)|Because people have the right to know if their data has been leaked. Check if you have been ransomed.|
#### 1.4 [↑](#-content) Phone Number Search
| Tool | Description |
|-------------------------------------|----------------------------------------------------------------------------------------------|
|[phoneinfoga](https://github.com/sundowndev/phoneinfoga)|Information gathering framework for phone numbers|
#### 1.5 [↑](#-content) GEOINT
| Tools | Description |
| --------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------- |
| [Bellingcat](https://osm-search.bellingcat.com) | Geospatial intelligence and analysis. |
| [OhShint](https://ohshint.gitbook.io/oh-shint-its-a-blog/osint-web-resources/mapping-and-geospatial-intelligence-geoint) | Geospatial OSINT tools. |
| [GeoSpy](https://geospy.ai) | The World's Best AI Geolocation Tool |
| [Picarta](https://picarta.ai) | We find where a photo has been taken in the world using Artificial Intelligence. |
| [IPLogger](https://iplogger.org/) | IP Logger link shortener with geolocalizaction with advanced analytics. |
| [GeoNames](https://www.geonames.org) | The GeoNames geographical database with over 11 million placenames. |
| [Geoseer.net](https://www.geoseer.net) | Search over 3.5 million spatial GIS datasets hosted on over 40k live services. |
| [GeoINT Search](https://www.google.com) | Custom Google search for geographical-related queries. |
| [Earth Engine Dataset](https://earthengine.google.com) | Public data archive with over 40 years of imagery and scientific datasets. |
| [GeoPlatform Portal](https://www.geoplatform.gov) | Cross-agency collaborative effort for geospatial data sharing and transparency. |
| [FAO Map Catalog](https://www.fao.org) | Collection of geographical maps from the FAO. |
| [Geocreepy](https://github.com/benmcgann/geocreepy) | Geolocation OSINT tool for gathering location data from social networks. |
| [US Crisis Monitor](https://www.uscrisismonitor.com) | In-depth coverage of political violence trends in the US. |
| [Toronto Live](https://www.torontolive.ca) | Provides live information about public schools, traffic, bike shares, etc. |
| [GeoProtests API](https://www.geoprotests.com) | Query and visualize protests worldwide with spatial aggregations. |
| [GeoINT-py](https://github.com/geoint-py) | A collection of geospatial intelligence workflows implemented in Python. |
| [OverPass Turbo](https://overpass-turbo.eu/) | Ways I use ChatGPT with OverpassTurbo for OSINT Geolocation Research |
| [GeoHints](https://geohints.com/) | Geolocation hints and tips for OSINT investigations. |
| [GeoGuessr Assistant](https://chatgpt.com/g/g-VcnlRdShx-geoguessr-assistant) | An assistant tool for the GeoGuessr game, providing geolocation support. |
| [GeoTips](https://geotips.net/) | A guide for geolocation strategies and tips. |
| [Plonkit](https://www.plonkit.net/guide) | Provides resources for geolocation and map-related guidance. |
| [GeoEstimation Labs](https://labs.tib.eu/geoestimation/) | A platform for geolocation estimation and analysis. |
| [Google Earth](https://earth.google.com) | Explore the world with 3D maps and satellite imagery. |
| [Mapillary](https://www.mapillary.com) | Street-level imagery platform for mapping and geolocation research. |
| [World Imagery Wayback](https://livingatlas.arcgis.com/wayback) | Access archived imagery for geospatial analysis. |
| [Zoom Earth](https://zoom.earth) | Live weather maps, storm tracking, and global satellite imagery. |
| [Sentinel Playground](https://apps.sentinel-hub.com/sentinel-playground/) | Explore satellite imagery and geospatial data from Sentinel satellites. |
| [Real-Time Satellite Tracking](https://n2yo.com) | Track satellites and view predictions in real-time. |
| [SunCalc](https://suncalc.net/) | Calculate sunrise, sunset, shadow length, and solar position data on a map. |
| [Map Developers](https://www.mapdevelopers.com) | Custom Google Map API solutions and tools for developers. |
| [OSM Finder](https://osm.org) | OpenStreetMap search and navigation tool for location data. |
| [PeakVisor](https://peakvisor.com) | AR app and site for exploring mountains and hiking trails. |
| [Bellingcat OSM Search](https://www.bellingcat.com/resources/how-tos/2020/01/21/using-openstreetmap-for-geolocation-osint/) | Guide and tool for geolocation using OpenStreetMap. |
| [Google Maps](https://maps.google.com) | A widely used tool for mapping, navigation, and geolocation searches. |
| [Overpass Turbo](https://overpass-turbo.eu) | A web-based tool for querying and filtering OpenStreetMap data. |
| [Google Earth](https://earth.google.com) | 3D mapping and satellite imagery tool for exploring locations globally. |
| [Mapillary](https://www.mapillary.com) | A street-level imagery platform for mapping and geospatial analysis. |
| [World Imagery Wayback](https://livingatlas.arcgis.com/wayback) | Access archived satellite imagery for geospatial and temporal analysis. |
| [Zoom Earth](https://zoom.earth) | Live weather map and satellite imagery with storm tracking and rain radar. |
| [Sentinel Playground](https://apps.sentinel-hub.com/sentinel-playground/) | Explore satellite imagery and analyze geospatial data from Sentinel satellites. |
| [Real-Time Satellite Tracking](https://n2yo.com) | Track satellites and view real-time predictions for their paths. |
| [SunCalc](https://suncalc.net/) | A solar position calculator for determining sunrise, sunset, and shadow lengths on a map. |
| [Map Developers](https://www.mapdevelopers.com) | Provides custom Google Map API solutions and tools for advanced mapping needs. |
| [GeoSpy AI](https://geospy.ai/)| Convert pixels into actionable location intelligence using AI.|
#### 1.6 [↑](#-content) Photo / Images
| Tools | Description |
| ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ |
| [Photo.Osint](https://start.me/p/0PgzqO/photo-osint)| List of all tools for photo and images OSINT.|
| [Foto Forensics](https://fotoforensics.com/) | All the metadata of an image. |
| [Exiftool](https://github.com/exiftool/exiftool) | A terminal based tool for extracting images meta data. |
#### 1.7 [↑](#-content) Social Networks
#### 1.7.1 [↑](#-content) Instagram
| Tools | Description |
| -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------ |
| [Aware Online: Instagram Search Tool](https://www.aware-online.com/osint-tools/instagram-search-tool) | Instagram Search Tool |
| [Combin](https://www.combin.com) | Instagram marketing tool for managing and growing your account. |
| [Comment Picker](https://commentpicker.com) | Tool for selecting random winners from comments. |
| [Display Purposes](https://displaypurposes.com) | Tool for finding hashtags related to your content. |
| [DownAlbum](https://chrome.google.com/webstore/detail/downalbum/cgjnhhjpfcdhbhlcmmjppicjmgfkppok) | Chrome extension for downloading photos and videos from Instagram. |
| [Engagement-calculator](https://phlanx.com/engagement-calculator) | Tool for calculating engagement rates on Instagram. |
| [Export Comments](https://exportcomments.com) | Tool for exporting Instagram comments. |
| [Hashtagify](http://hashtagify.me) | Tool for finding and analyzing hashtags. |
| [Hashtags for Likes](https://www.hashtagsforlikes.co) | Tool for finding the best hashtags for Instagram. |
| [HypeAuditor](https://hypeauditor.com) | Tool for analyzing the authenticity of influencers and their engagement. |
| [Iconosquare](http://iconosquare.com) | Tool for managing and analyzing Instagram accounts. |
| [IGSuperStar](https://igsuperstar.com) | Tool for finding Instagram influencers. |
| [Imgbunk](https://imgbunk.com) | Tool for searching and downloading Instagram photos. |
| [ImgInn](https://imginn.com) | Tool for viewing and downloading Instagram stories anonymously. |
| [In Tags](https://play.google.com/store/apps/details?id=com.sunraylabs.socialtags) | Tool for finding the best tags for your Instagram posts. |
| [INSSIST](https://chrome.google.com/webstore/detail/inssist-post-stories-dmw/bcocdbombenodlegijagbhdjbifpiijp) | Chrome extension for posting photos and stories on Instagram from desktop. |
| [InstaFollowers](https://www.instafollowers.co) | Tool for gaining followers and engagement on Instagram. |
| [Instagram Crawler](https://github.com/hehpollon/Instagram-Crawler) | Tool for scraping Instagram data. |
| [Instagram Explorer](https://www.osintcombine.com/instagram-explorer) | Tool for exploring Instagram profiles and posts. |
| [Instagram OSINT](https://github.com/sc1341/InstagramOSINT) | Open-source intelligence tool for Instagram. |
| [Instagram Scraper](https://apify.com/jaroslavhejlek/instagram-scraper) | Tool for scraping Instagram posts and profiles. |
| [Instagram Search Tool (Aware Online)](http://www.aware-online.com/en/osint-tools/instagram-search-tool) | Tool for searching Instagram profiles and posts. |
| [InstaLoader](https://github.com/instaloader/instaloader) | Tool for downloading Instagram photos, videos, and metadata. |
| [instaloctrack](https://github.com/bernsteining/instaloctrack) | Tool for tracking Instagram locations. |
| [InstaLooter](https://github.com/althonos/InstaLooter) | Tool for downloading photos and videos from Instagram profiles. |
| [Keyhole](http://keyhole.co) | Tool for tracking and analyzing social media campaigns. |
| [Leetags](https://www.leetags.com) | Tool for finding the best hashtags for Instagram posts. |
| [MetaHashtags](https://metahashtags.com) | Tool for generating and analyzing hashtags. |
| [Minter.io](https://minter.io) | Tool for Instagram analytics and reporting. |
| [noninstagram](https://github.com/datvance/noinstagram) | Tool for Instagram data analysis. |
| [Osi.ig](https://github.com/th3unkn0n/osi.ig) | Tool for Instagram OSINT. |
| [Osintgram](https://github.com/Datalux/Osintgram) | OSINT tool for analyzing Instagram profiles and posts. |
| [Otzberg.net](https://www.otzberg.net/iguserid/index.php) | Tool for finding Instagram user IDs. |
| [Panoramiq](https://apps.hootsuite.com/apps/panoramiq) | Tool for scheduling and managing Instagram posts. |
| [Phantom Buster](https://phantombuster.com/phantombuster) | Automation tool for social media platforms. |
| [Picodash](https://www.picodash.com) | Tool for searching and organizing Instagram content. |
| [Scylla](https://github.com/josh0xA/Scylla) | Tool for Instagram OSINT and data scraping. |
| [Skimagram](https://snoopreport.com) | Tool for tracking Instagram activity. |
| [Social-alerts](https://github.com/mamoedo/social-alerts) | Tool for setting up social media alerts. |
| [SocialInsider](https://www.socialinsider.io) | Tool for social media analytics and competitive analysis. |
| [socid_extractor](https://github.com/soxoj/socid_extractor) | Tool for extracting social media IDs. |
| [SoIG](https://github.com/yezz123/SoIG) | Tool for Instagram OSINT. |
| [tailwind](https://www.tailwindapp.com) | Tool for scheduling and managing Instagram posts. |
| [ThumbTube](https://thumbtube.com/instagram-profile-picture-downloader) | Tool for downloading Instagram profile pictures. |
| [trendHERO](https://trendhero.io) | Tool for influencer marketing and analytics. |
| [Webstagram](https://webstagram.org) | Instagram web viewer and search tool. |
| [Flufi](https://flufi.me/) | A tool for exploring public stories, posts, reels, tags, followers, and more.. |
| [Find Instagram User ID](https://findinstagramuserid.com/) | A tool to find the Instagram user ID for any profile. |
#### 1.7.2 [↑](#-content) Linkedin
| Tools | Description |
| --------------------------------------------------------------------------------------------------- | ------------------------------------------ |
| [IntelligenceX: Linkedin](https://intelx.io/tools?tab=linkedin) | LinkedIn search tool by IntelligenceX. |
| [BridgeKeeper](https://github.com/0xZDH/BridgeKeeper) | Tool for OSINT on LinkedIn profiles. |
| [CrossLinked](https://github.com/m8r0wn/crosslinked) | LinkedIn enumeration tool. |
| [Email Reverse Lookup](https://github.com/rebootORZ/OSINT_Spider.py) | Tool for reverse email lookup on LinkedIn. |
| [Free People Search Tools](https://freepeoplesearchtool.com) | Comprehensive people search tool. |
| [FTL](https://chrome.google.com/webstore/detail/ftl/lkpekgkhmldknbcgjicjkomphkhhdkjj?hl=en-GB) | Chrome extension for LinkedIn OSINT. |
| [osint.support](https://osint.support/chrome-extensions) | Collection of OSINT tools for LinkedIn. |
| [InSpy](https://github.com/leapsecurity/InSpy) | LinkedIn enumeration tool. |
| [Linkedin Bookmarklet](https://github.com/sinwindie/OSINT/blob/master/LinkedIn/Bookmarklet%20Tools) | Bookmarklet tools for LinkedIn OSINT. |
| [Linkedin Profile Scraper](https://github.com/Monst3rSec/linkedin-profile-scraper) | Tool for scraping LinkedIn profiles. |
| [Linkedin Search TGC](https://www.anantha.co.in/linkedin) | Tool for searching LinkedIn profiles. |
| [LinkedInt](https://github.com/vysecurity/LinkedInt) | LinkedIn intelligence and OSINT tool. |
| [Osint Support Linkedin](https://github.com/jqueguiner/lk_scraper) | Support tools for LinkedIn OSINT. |
| [Phantom Buster](https://phantombuster.com/phantombuster) | Automation tool for LinkedIn tasks. |
| [raven](https://github.com/0x09AL/raven) | LinkedIn enumeration and scraping tool. |
| [Recruitin.net](https://recruitin.net/) | Tool for recruiting on LinkedIn. |
| [Recruitment Geek](https://recruitmentgeek.com/tools/linkedin) | LinkedIn search tool for recruiters. |
| [ScrapedIn](https://github.com/dchrastil/ScrapedIn) | Tool for scraping LinkedIn profiles. |
#### 1.7.3 [↑](#-content) TikTok
| Tools | Description | --- |
| --------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --- |
| [Exolyt.com](https://exolyt.com/) | Tool for analyzing TikTok profiles and videos. | --- |
| [Hashtags for Likes](https://www.hashtagsforlikes.co) | Tool for finding the best hashtags for TikTok posts. | --- |
| [HypeAuditor](https://hypeauditor.com) | Tool for analyzing the authenticity of TikTok influencers. | --- |
| [Influence Grid](https://www.influencegrid.com) | Tool for finding TikTok influencers. | --- |
| [InstaFollowers](https://www.instafollowers.co/find-tiktok-user-id) | Tool for finding TikTok user IDs. | --- |
| [Mavekite.com](https://mavekite.com/) | Tool for managing and analyzing TikTok campaigns. | --- |
| [OSINT Combine TikTok Quick Search](https://www.osintcombine.com/tiktok-quick-search) | Quick search tool for TikTok profiles. | --- |
| [Savefrom.net](https://en.savefrom.net/download-from-tiktok) | Tool for downloading TikTok videos. | --- |
| [Sinwindie TikTok Bookmarklet Tools](https://github.com/sinwindie/OSINT/blob/master/TikTok/Bookmarklet%20Tools) | Bookmarklet tools for TikTok OSINT. | --- |
| [Snaptik.app](https://snaptik.app/) | Tool for downloading TikTok videos. | --- |
| [Tikbuddy](https://app.tikbuddy.com/) | Tool for analyzing TikTok profiles and content. | --- |
| [TikTok API](https://github.com/szdc/tiktok-api) | API for interacting with TikTok. | --- |
| [TikTok Creative Center Statistics](https://ads.tiktok.com/business/creativecenter/inspiration/popular/hashtag/pc/en?from=001114) | Tool for finding trending hashtags and content on TikTok. | --- |
| [TikTok Downloader](https://tiktokdownloader.com/) | Tool for downloading TikTok videos. | --- |
| [TikTok Hashtags](https://tiktokhashtags.com) | Tool for generating TikTok hashtags. | --- |
| [TikTok Scraper](https://github.com/Dutchosintguy/tiktok-scraper) | Tool for scraping TikTok profiles and videos. | --- |
| [TikTok Timestamp](https://bellingcat.github.io/tiktok-timestamp/) | Tool for analyzing timestamps on TikTok videos. | --- |
| [TikView](https://tikview.com/tiktok-search) | Tool for searching TikTok profiles and content. | --- |
| [tikvstock](https://tikvstok.com/tiktok) | Tool for stock and analyzing TikTok videos. | --- |
| [Tokvid](https://tokvid.com) | Tool for downloading TikTok videos. | --- |
| [TubeHi](https://tubehi.com) | Tool for analyzing TikTok and YouTube content. | --- |
| [Vidnice](https://vidnice.com) | Tool for analyzing TikTok profiles and content. | --- |
#### 1.7.4 [↑](#-content) OnlyFans
| Tools | Description |
| ------------------------------------------------------------------ | ------------------------------------------- |
| [fansmetrics.com](http://fansmetrics.com/) | Tool for analyzing OnlyFans metrics. |
| [Onlysearch.com](https://onlysearch.co/) | Search tool for finding OnlyFans profiles. |
| [onlyfinder.com](https://onlyfinder.com/) | Tool for finding OnlyFans creators. |
| [hubite.com/onlyfans-search/](https://hubite.com/onlyfans-search/) | OnlyFans search tool. |
| [SimilarFans](https://similarfans.com/) | Tool for finding similar OnlyFans profiles. |
| [FanSearch](https://www.fansearch.com/) | Comprehensive search tool for OnlyFans. |
#### 1.7.5 [↑](#-content) Discord
| Tools | Description |
| ------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- |
| [ASTRAAHOME](https://github.com/AstraaDev/Discord-All-Tools-In-One) | A collection of all-in-one tools for Discord. |
| [Discord History Tracker](https://dht.chylex.com/) | A tool for tracking and saving chat histories in Discord. |
| [DISBOARD](https://disboard.org/) | A platform to discover and list Discord servers. |
| [Discord Bots (Community)](https://discord.bots.gg/) | A collection of publicly available Discord bots created by community members, serving various functions. |
| [Discord ID Lookup](https://discord.id/) | An unofficial tool for looking up Discord user information. |
| [Discord Bots (Exploration)](https://top.gg/) | A vast collection to explore millions of Discord bots for different purposes. |
| [DiscordServers](https://discordservers.com/) | A curated selection of popular and interesting public Discord servers. |
| [Discord Me](https://discord.me/) | A site for finding public Discord servers and bots. |
| [DiscordOSINT](https://discordosint.com/) | Provides resources for conducting research and OSINT investigations related to Discord accounts, servers, and bots. |
| [Discord Bots](https://discordbots.org/) | A comprehensive directory of top Discord bots, apps, and servers, including popular music and economy bots. |
#### 1.7.6 [↑](#-content) Twitch
| Tools | Description |
| ------------------------------------------------------------------------------- | ---------------------------------------------------------------------- |
| [Twitch Tools](https://twitch-tools.rootonline.de/followerlist_viewer.php) | Tool for viewing follower lists on Twitch. |
| [Twitch Tracker](https://twitchtracker.com/) | Tool for tracking Twitch statistics and analytics. |
| [Sully Gnome](https://sullygnome.com/) | Tool for analyzing Twitch stream statistics. |
| [Twitch Stream Filter](https://twitch-tools.rootonline.de/channel_previews.php) | Tool for filtering and previewing Twitch streams. |
| [Untwitch.com](https://untwitch.com/) | Tool for downloading Twitch videos. |
| [Twitch Overlap](https://stats.roki.sh/) | Tool for analyzing viewer overlap between Twitch streamers. |
| [Justlog](https://logs.ivr.fi/) | Tool for viewing Twitch chat logs. |
| [Twitch Recover](https://github.com/TwitchRecover/TwitchRecover) | Tool for recovering deleted Twitch videos. |
| [Twitch Database](https://www.twitchdatabase.com/following) | Database for tracking Twitch followings. |
| [Twitch Insights](https://twitchinsights.net/) | Tool for analyzing Twitch trends and statistics. |
| [Twitch Followage Tool](https://streamscharts.com/tools/followage) | Tool for checking how long users have been following a Twitch channel. |
#### 1.7.7 [↑](#-content) Tinder
| Tools | Description |
| -------------------------------------------------- | -------------------------------------------------------------- |
| [Badoo](https://badoo.com) | Social discovery and dating app. |
| [Bumble](https://bumble.com) | Dating app where women make the first move. |
| [Coffee Meets Bagel](https://coffeemeetsbagel.com) | Dating app that curates matches for users. |
| [eHarmony](https://www.eharmony.com) | Dating site focused on long-term relationships. |
| [Grindr](https://www.grindr.com) | Social networking app for gay, bi, trans, and queer people. |
| [happn](https://www.happn.com) | Dating app that shows users people they've crossed paths with. |
| [HER](https://weareher.com) | Dating and social app for LGBTQ+ women and non-binary people. |
| [Heybaby](https://www.heybaby.com) | Dating app for single parents and those open to dating them. |
| [Hinge](https://hinge.co) | Dating app designed to be deleted. |
| [The Inner Circle](https://theinnercircle.co) | Exclusive dating app for ambitious professionals. |
| [The League](https://www.theleague.com) | Dating app for professionals. |
| [Match.com](https://www.match.com) | One of the largest dating sites. |
| [MeetMe](https://www.meetme.com) | Social discovery app for meeting new people. |
| [OkCupid](https://www.okcupid.com) | Dating app with a detailed questionnaire for matching. |
| [Plenty of Fish](https://pof.com) | Dating site with a large user base. |
| [Scruff](https://www.scruff.com) | Social app for gay, bi, trans, and queer people. |
| [Tastebuds](https://tastebuds.fm) | Dating app that matches people based on music taste. |
| [Tinder](https://tinder.com) | Popular dating app for meeting new people. |
| [zoosk](https://www.zoosk.com) | Dating site with a behavioral matchmaking algorithm. |
#### 1.7.8 [↑](#-content) Reddit
| Tools | Description |
| -------------------------------------------------- | -------------------------------------------------------------- |
| [snscrape](https://github.com/JustAnotherArchivist/snscrape) | Command-line tool for scraping social media posts. |
| [Redective](https://redective.com) | OSINT tool for analyzing Reddit user activity. |
| [KnewKarma](https://knewkarma.com) | Reddit analytics and visualization tool. |
| [RedditPostSleuth](https://www.repostsleuth.com/) | Tool for investigating and analyzing Reddit posts. |
#### 1.7.9 [↑](#-content) Telegram
| Tools | Description |
| -------------------------------------------------- | -------------------------------------------------------------- |
| [telegram-checker](https://github.com/unnohwn/telegram-checker) | A Python tool for checking Telegram accounts via phone numbers or usernames. Automatically verifies account existence, downloads profile pictures, and provides detailed user information in a clean JSON format. Built with Telethon API for reliable Telegram interaction. |
## 2. [↑](#-content) Pentesting
### 2.1 [↑](#-content) Post Explotation
| Tools | Description |
| ------------------------------------------------------------- | ----------------------------------------------------------------------------------- |
| [Empire](https://github.com/EmpireProject/Empire) | A post exploitation framework for powershell and python. |
| [Silentrinity](https://github.com/byt3bl33d3r/SILENTTRINITY) | A post exploitation tool that uses iron python to get past powershell restrictions. |
| [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) | A PowerShell post exploitation framework. |
| [ebowla](https://github.com/Genetic-Malware/Ebowla) | Framework for Making Environmental Keyed Payloads. |
### 2.2 [↑](#-content) Deobfuscators
| Tools | Description |
| ----------------------------------------- | ---------------------------------------------------------------------------------------------- |
| [JS Nice](http://jsnice.org/) | Web service guessing JS variables names and types based on the model derived from open source. |
| [de4dot](https://github.com/0xd4d/de4dot) | .NET deobfuscator and unpacker. |
### 2.3 [↑](#-content) Decompilers
| Tools | Description |
| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| [uncompyle6](https://github.com/rocky/python-uncompyle6) | Decompiler for the over 20 releases and 20 years of CPython. |
| [Hopper](https://www.hopperapp.com/) | A OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables. |
| [Karkatau](https://github.com/Storyyeller/Krakatau) | The best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully. |
| [dnSpy](https://github.com/0xd4d/dnSpy) | .NET assembly editor, decompiler, and debugger |
| [ILSpy](https://github.com/icsharpcode/ILSpy/) | An open-source .NET assembly browser and decompiler |
| [DotPeek](https://www.jetbrains.com/decompiler/) | A free-of-charge .NET decompiler from JetBrains |
| [JADX](https://github.com/skylot/jadx) | Decompiler for Android apps. Not related to JAD. |
| [JAD](http://varaneckas.com/jad/) | JAD Java Decompiler (closed-source, unmaintained) |
| [Luyten](https://github.com/deathmarine/Luyten) | One of the best, though a bit slow, hangs on some binaries and not very well maintained. |
| [R2Dec](https://github.com/wargio/r2dec-js) | Decompiler plugin for radare2 |
| [Decai](https://github.com/radareorg/r2ai) | LLM-based decompiler for radare2 |
| [BinaryNinja](https://binary.ninja/) | Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform built by reverse engineers, for reverse engineers. |
| [apktool](https://apktool.org/)|A tool for reverse engineering Android apk files|
|[Procyon](https://github.com/ststeiger/procyon)|Procyon java decompiler - Procyon is a binary star system in Canis Minor|
### 2.4 [↑](#-content) Disassembler and debuggers
| Tools | Description |
| ----------------------------------------------------- | ----------------------------------------------------------------------------------------------- |
| [IDA](https://www.hex-rays.com/products/ida/) | Multi-platform disassembler and debugger for Windows, Linux, and macOS. |
| [Olly](http://www.ollydbg.de/) | 32-bit assembler-level debugging tool for Windows. |
| [plasma](https://github.com/joelpx/plasma) | Interactive disassembler for x86, ARM, and MIPS, with indented pseudo-code and syntax coloring. |
| [radare2](https://github.com/radare/radare2) | Portable and versatile reverse engineering framework. |
| [iaito](https://github.com/radareorg/iaito) | Graphical interface for the radare2 reverse engineering framework. |
| [x64dbg](https://github.com/x64dbg/x64dbg) | Open-source debugger for x64 and x32 applications on Windows. |
| [ScratchABit](https://github.com/pfalcon/ScratchABit) | Customizable and hackable disassembler with support for IDAPython-compatible plugins. |
| [Ghidra](https://ghidra-sre.org/) | Comprehensive reverse engineering suite developed by the NSA. |
### 2.5 [↑](#-content) Web
| Web | Description |
| --------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
| [Cyberbro](https://github.com/stanfrbd/cyberbro) | A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services (API and scraping). |
| [recon-ng](https://github.com/lanmaster53/recon-ng) | Web reconnaissance framework for gathering OSINT. |
| [Katana](https://github.com/projectdiscovery/katana) | A web reconnaissance tool, recognized for web crawling and spidering. |
| [Waybackurls](https://github.com/tomnomnom/waybackurls) | A tool for extracting historical URLs from the Wayback Machine, helping to discover hidden or outdated web resources. |
| [SpySe](https://spyse.com/) | Data gathering service offering detailed information on IPs, domains, ports, technologies, and more through OSINT. |
| [Git-Scanner](https://github.com/HightechSec/git-scanner) | Tool for bug hunting or penetration testing to find exposed .git repositories. |
| [Keyscope](https://github.com/SpectralOps/keyscope) | Key and secret auditing tool that checks secrets against multiple SaaS platforms. |
| [VHostScan](https://github.com/codingo/VHostScan) | Virtual host scanner that performs reverse lookups and detects dynamic default pages, aliases, and catch-all configurations. |
| [Shodan](https://www.shodan.io/) | Search engine for finding servers and devices connected to the internet. |
| [SubFinder](https://github.com/subfinder/subfinder) | Tool for discovering valid subdomains through passive online sources. |
| [sqlmap](https://github.com/sqlmapproject/sqlmap) | Automatic SQL injection tool for database takeover. |
| [URLVoid](https://www.urlvoid.com/) | Website reputation checker that scans URLs for safety using multiple security engines and blocklists. |
| [Gobuster](https://github.com/OJ/gobuster/releases/tag/v3.6.0) | Gobuster is a fast and efficient tool used in penetration testing and ethical hacking for discovering hidden directories, files, DNS subdomains, and virtual hostnames on a web server. It works by brute-forcing web server paths or subdomains using wordlists. |
| [Ffuf](https://github.com/ffuf/ffuf) | An alternative for fast web fuzzing based on Golang, used for discovering hidden files, directories, sub-domains, VHosts and resources by brute-forcing URL paths. |
| [Httpx](https://github.com/projectdiscovery/httpx) | A fast and efficient multi-purpose tool for probing and discovering HTTP-based services, performing various checks like SSL/TLS, redirects, and more. |
| [SecLists](https://github.com/danielmiessler/SecLists) | Seclist is a depository full if word list I use it for Gobuster and other brute forcing aapplications. It has a variety of wordlists for your needs of small wordlists to large wordlists.|
| [Burp Suite](https://portswigger.net/burp/documentation/desktop/getting-started/download-and-install) | A powerful GUI based integrated platform for web application security testing, offering tools for intercepting traffic, scanning vulnerabilities, brute-forcing and exploiting security flaws. |
|[HExHTTP](https://github.com/c0dejump/HExHTTP)|Tool designed to perform tests on HTTP headers and analyze the results to identify vulnerabilities and interesting behaviors.|
|[403JUMP](https://github.com/trap-bytes/403jump)|Tool designed for penetration testers and bug bounty hunters to audit the security of web applications|
|[0BL1V10N CVE-2024-25600 (Bricks Builder Plugin Exploit)](https://github.com/ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress)|Exploit for CVE-2024-25600 in Bricks Builder (WordPress). Developed for TryHackMe’s Bricks Heist room. Enhanced from Tornad0007. From OD&H|
| [SubdomainRadar](https://subdomainradar.io/) | All-in-one recon platform: 50+ data sources for subdomain discovery, port & vulnerability scans, screenshots, and API access|
### 2.6 [↑](#-content) Network
| Tools | Description |
| --------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------ |
| [NetworkMiner](http://www.netresec.com/?page=NetworkMiner) | Network Forensic Analysis Tool (NFAT) for analyzing network traffic. |
| [Paros](http://sourceforge.net/projects/paros/) | Java-based HTTP/HTTPS proxy for web application vulnerability assessment. |
| [pig](https://github.com/rafael-santiago/pig) | Linux-based packet crafting tool. |
| [cirt-fuzzer](http://www.cirt.dk/) | Simple TCP/UDP protocol fuzzer for vulnerability testing. |
| [ASlookup](https://aslookup.com/) | Tool for exploring autonomous systems with related data (CIDR, ASN, Org). |
| [ZAP](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) | Integrated penetration testing tool for identifying vulnerabilities in web applications. |
| [mitmsocks4j](https://github.com/Akdeniz/mitmsocks4j) | Man-in-the-middle SOCKS proxy for Java. |
| [ssh-mitm](https://github.com/jtesta/ssh-mitm) | SSH/SFTP man-in-the-middle tool for logging sessions and passwords. |
| [nmap](https://nmap.org/) | Security scanner for network exploration and vulnerability scanning. |
| [Nipe](https://github.com/GouveaHeitor/nipe) | Script to route traffic through the Tor network. |
| [Habu](https://github.com/portantier/habu) | Python toolkit for network hacking. |
| [Wifi Jammer](https://n0where.net/wifijammer/) | Program to jam all Wi-Fi clients in range. |
| [Firesheep](https://codebutler.github.io/firesheep/) | HTTP session hijacking attack tool. |
| [Scapy](https://github.com/secdev/awesome-scapy) | Python tool for creating and manipulating network packets. |
| [Amass](https://github.com/OWASP/Amass) | Subdomain enumeration tool with scraping, brute forcing, crawling, and reverse DNS capabilities. |
| [sniffglue](https://github.com/kpcyrd/sniffglue) | Multithreaded secure packet sniffer.
| [Vulert](Vulert.com) | Vulert secures software by detecting vulnerabilities in open-source dependencies—without accessing your code. It supports Js, PHP, Java, Python, and more.
| [Netz](https://github.com/spectralops/netz) | Tool for discovering internet-wide misconfigurations using zgrab2. |
| [RustScan](https://github.com/rustscan/rustscan) | Fast port scanner using Rust, designed for quick scanning and integration with Nmap. |
| [PETEP](https://github.com/Warxim/petep) | Extensible TCP/UDP proxy for traffic analysis and modification with SSL/TLS support. |
| [TorCrawl](https://github.com/MikeMeliz/TorCrawl.py) | Python-based tool to crawl .onion websites efficiently. |
| [Midnight Sea](https://github.com/RicYaben/midnight_sea) | A dark web crawler designed for flexibility and integration with analysis tools. |
| [Wireshark](https://www.wireshark.org/) | A network protocol analyzer for capturing and analyzing network packets. |
| [Bettercap](https://www.bettercap.org/) | A powerful tool for man-in-the-middle attacks, network sniffing, and WiFi exploitation. |
| [Ettercap](https://github.com/Ettercap/ettercap) | A comprehensive suite for man-in-the-middle attacks on LANs and WiFi networks. |
| [Kismet](https://kismetwireless.net/) | A wireless network detector, sniffer, and intrusion detection system. |
| [Tcpdump](https://www.tcpdump.org/) | A command-line packet analyzer for capturing and analyzing network traffic. |
| [Netcat](https://nmap.org/ncat/) | A networking utility for reading and writing data across networks, often used for debugging. |
| [CrackMapExec](https://github.com/byt3bl33d3r/CrackMapExec) | A post-exploitation tool for pentesters to automate common tasks against networks. |
| [Burp Suite](https://portswigger.net/burp) | A comprehensive suite for web application security testing, including WiFi-related vulnerabilities. |
| [Responder](https://github.com/SpiderLabs/Responder) | A tool for poisoning network traffic and conducting man-in-the-middle attacks. |
| [SSLstrip](https://github.com/moxie0/sslstrip) | A tool that downgrades HTTPS connections to HTTP, enabling interception of traffic. |
| [dnschef](https://github.com/iphelix/dnschef) | A DNS proxy tool that allows for DNS manipulation and phishing attacks. |
| [Fierce](https://github.com/darkoperator/fierce) | A domain scanner tool for DNS reconnaissance, useful for network mapping. |
| [MitM](https://github.com/oxagast/mitm) | A man-in-the-middle framework for intercepting, modifying, and injecting traffic. |
| [HTTP Toolkit](https://httptoolkit.com/) |HTTP Toolkit is an open-source tool for debugging, testing and building with HTTP on Windows, Linux & Mac. 1 click setup for rooted devices. |
| [Sniffnet](https://github.com/GyulyVGC/sniffnet) | Application to comfortably monitor your internet or traffic. |
| [Uptime-Kuma](https://github.com/louislam/uptime-kuma)|A fancy self-hosted monitoring tool.|
| [Nope Proxy](https://github.com/summitt/Nope-Proxy) | Nope is a non-http (TCP and UDP) proxy extension for burp suite. Nope has a built in DNS, port monitor, scripting engine, and proxies for row TCP and UDP sockets. |
|[Pentest Collaboration Framework](https://gitlab.com/invuls/pentest-projects/pcf)|Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!|
|[NetHawk](https://github.com/sergio11/nethawk_analyzer)|An AI-powered tool for ethical hacking and network vulnerability assessment, simplifying deep scans and security audits for professionals.|
|[Windows Network CPR](https://github.com/ivanbg2004/Windows-Network-CPR)|A desperate cry for help disguised as a script. Built for Windows users still pretending their OS knows how networking works. This tool slaps your connection until it behaves — because sometimes, brute force is the only language Microsoft understands. If your IP starts with 169.254, just run this and pray.|
### [↑](#-content) 2.7 RFID
| Tool | Description |
| -------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [Proxmark3](https://proxmark.com/) | A powerful tool for reading, writing, and analyzing RFID and NFC cards. |
| [ChameleonMini](https://github.com/emsec/ChameleonMini) | An RFID emulator for security analysis. |
| [Flipper Zero](https://flipperzero.one/) | A versatile multi-tool device for interacting with RFID, NFC, and other protocols. |
| [ACR122U](https://www.acs.com.hk/en/products/92/acr122u-usb-nfc-reader/) | A USB-based NFC reader and writer commonly used for RFID development and testing. |
| [LibNFC](https://github.com/nfc-tools/libnfc) | An open-source library for using NFC readers and performing RFID interactions. |
| [MIFARE Classic Tool (MCT)](https://github.com/ikarus23/MifareClassicTool) | A mobile app for interacting with MIFARE Classic cards, reading, writing, and analyzing their data. |
| [Cardpeek](https://github.com/L1L1/cardpeek) | A tool for analyzing smart cards, including Calypso-based transit cards, with a focus on data parsing and visualization. |
| [Metrodroid](https://github.com/metrodroid/metrodroid) | A mobile app for reading and analyzing transit cards, providing insights into metro card data. |
| [Metroflip](https://lab.flipper.net/apps/metroflip) | A Flipper Zero app for reading and parsing metro cards, inspired by Metrodroid. It supports multi-protocol card reading and global transit card analysis. |
| [Seader](https://github.com/bettse/seader) | A Flipper Zero application to interface with a SAM from the Flipper Zero over UART |
| [NFC Magic](https://lab.flipper.net/apps/nfc_magic) | A Flipper zero application for writing to NFC tags with modifiable sector 0 |
| [MFOC](https://github.com/nfc-tools/mfoc) | MFOC is an open source implementation of "offline nested" attack |
| [PicoPass](https://lab.flipper.net/apps/picopass)|App to communicate with NFC tags using the PicoPass(iClass) format. |
| [Mifare Fuzzer](https://lab.flipper.net/apps/mifare_fuzzer) |App emulates Mifare Classic cards with various UIDs to check how reader reacts on them. |
| [MFKey](https://lab.flipper.net/apps/mfkey) |MIFARE Classic key recovery tool. |
### [↑](#-content) 2.8 WiFi
| Tools | Description |
| ------------------------------------------------------------- | ------------------------------------------------------------------------------------ |
| [Aireplay-ng](https://www.aircrack-ng.org/doku.php?id=airplay-ng) | A tool for injecting frames into a wireless network to manipulate traffic. |
| [Aircrack-ng](https://www.aircrack-ng.org/) | A suite of tools for cracking WEP and WPA-PSK encryption keys. |
| [Airmon-ng](https://www.aircrack-ng.org/doku.php?id=airmon-ng) | A tool to configure wireless interfaces into monitor mode for packet capture. |
| [Airolib-ng](https://www.aircrack-ng.org/doku.php?id=airolib-ng) | A tool to create and manage a database for cracking WPA/WPA2 networks. |
| [Airegeddon](https://github.com/airgeddon/airgeddon) | A multi-purpose WiFi hacking tool focused on WPA/WPA2 PSK networks. |
| [Wash](https://github.com/aircrack-ng/wash) | A tool to identify routers that are vulnerable to WPS attacks. |
| [Reaver](https://github.com/t6x/reaver-wps-fork) | A tool designed to crack WPS PINs of routers to gain access to WPA networks. |
| [Bully](https://github.com/wiire/pwning) | A tool for brute-forcing WPS PINs of vulnerable routers. |
| [Airbase-ng](https://www.aircrack-ng.org/doku.php?id=airbase-ng) | A tool to create fake access points for testing and social engineering attacks. |
| [Fern WiFi Cracker](https://github.com/savio-code/fern-wifi-cracker) | A GUI-based tool to crack WEP/WPA/WPS encryption on wireless networks. |
| [Wifite](https://github.com/derv82/wifite) | A tool for automating the cracking of WEP and WPA networks. |
| [Wifiphisher](https://github.com/wifiphisher/wifiphisher) | A tool for phishing attacks targeting WiFi networks and capturing credentials. |
| [Ghost Phisher](https://github.com/savio-code/ghost-phisher) | A phishing tool that creates fake access points and social engineering attacks. |
| [Xeno](https://github.com/ia-usgs/Xeno)|Xeno is a wifi pentesting tool designed to show you vulnerabilities in your network.|
### [↑](#-content) 2.9 Bluetooth
| Tools | Description |
| ------------------------------------------------------------- | ------------------------------------------------------------------------------------ |
|[BlueToolkit](https://github.com/sgxgsx/BlueToolkit)|BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices.|
|[Bluelog](http://www.secmaniac.com/bluelog/)|Bluelog is a Bluetooth device discovery tool designed to detect nearby Bluetooth devices and log their information.|
|[Blueranger](https://github.com/GIJack/BlueRanger)|Blueranger is a Bluetooth reconnaissance tool used to find and map Bluetooth devices within range.|
|[BTScanner](https://salsa.debian.org/pkg-security-team/btscanner)|BTScanner is a fast Bluetooth scanner that discovers devices and services, making it useful for penetration testing.|
|[UBERTOOTH](https://ubertooth.sourceforge.io/)|UBERTOOTH is a hardware-based Bluetooth analysis and interception tool, capable of monitoring Bluetooth communications.|
|[GATTacker](https://github.com/securing/gattacker)|GATTacker is a Python-based tool for attacking GATT (Generic Attribute Profile) services on BLE devices.|
|[btlejuice](https://github.com/DigitalSecurity/btlejuice)|btlejuice is a man-in-the-middle attack proxy for BLE communications, allowing interception and manipulation of BLE traffic.|
|[crackle](https://github.com/mikeryan/crackle/)|Crackle is a tool designed to crack Bluetooth pairing keys, helping to test the security of Bluetooth connections.|
|[spooftooph](https://www.kali.org/tools/spooftooph/)|Spooftooph is a Bluetooth spoofing tool that can impersonate other Bluetooth devices, useful for social engineering attacks.|
|[bluemaho](https://github.com/zenware/bluemaho)|Bluemaho is a Bluetooth vulnerability assessment tool that performs various attacks such as BlueSmack and L2CAP ping-of-death.|
|[bluepot](https://github.com/andrewmichaelsmith/bluepot)|BluePot is a Bluetooth honeypot that simulates vulnerable Bluetooth devices to capture attacks and gather intelligence.|
|[blueranger-ng](https://www.kali.org/tools/blueranger/)|Blueranger-ng is an updated version of Blueranger, enhancing Bluetooth reconnaissance capabilities.|
|[bluesnarfer](https://github.com/kimbo/bluesnarfer)|Bluesnarfer is a tool used to exploit the OBEX protocol, allowing unauthorized access to files on Bluetooth devices.|
|[bluediving](https://github.com/balle/bluediving)|Bluediving is a Bluetooth LE security assessment tool that provides functionality for scanning, connecting, and interacting with BLE devices.|
### [↑](#-content) 2.10 Reconnaissance
| **Tool** | **Description** |
| ------------------------------------------------------- | ---------------------------------------------------------------------------- |
| [Nmap](https://nmap.org) | A network scanning tool used for discovering hosts, services, and vulnerabilities on a network. |
| [Netcat](https://nc110.sourceforge.io) | A versatile networking tool used for port scanning, banner grabbing, and transferring files. |
| [Wireshark](https://www.wireshark.org) | A network protocol analyzer that captures and inspects network packets in real-time. |
| [Fierce](https://github.com/mschwager/fierce) | A domain scanner that helps map out a target’s domain infrastructure, including DNS records and subdomains. |
| [Recon-ng](https://github.com/lanmaster53/recon-ng) | A web-based reconnaissance framework that automates OSINT gathering from various sources. |
| [TheHarvester](https://github.com/laramies/theHarvester) | A tool to gather email addresses, subdomains, and other information through search engines and public records. |
| [Masscan](https://github.com/robertdavidgraham/masscan) | A fast network scanner used for scanning large IP ranges to identify open ports. |
| [Dig](https://man7.org/linux/man-pages/man1/dig.1.html) | A command-line tool for querying DNS records and gathering information on domain names. |
| [Sublist3r](https://github.com/aboul3la/Sublist3r) | A tool for discovering subdomains using open-source intelligence. |
| [Censys](https://censys.io) | Provides data on devices, services, and open ports exposed to the internet, assisting in reconnaissance. |
| [Shodan](https://www.shodan.io) | A search engine that scans and indexes devices connected to the internet for reconnaissance. |
| [SpiderFoot](https://www.spiderfoot.net) | An automation tool for gathering intelligence about a target by querying public databases and sources. |
| [Dnsrecon](https://github.com/darkoperator/dnsrecon) | A tool for DNS enumeration, identifying subdomains, and extracting other DNS-related data. |
| [Enum4linux](https://github.com/CiscoCXSecurity/enum4linux) | A tool to gather information from Windows machines by querying SMB shares and services. |
| [EnumeRannden](https://github.com/Rannden-SHA/EnumeRannden)|This tool is designed to streamline and enhance your penetration testing workflow by integrating a variety of essential tools and functionalities into a single script.|
|[Prowler](https://github.com/prowler-cloud/prowler)|Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more.|
### [↑](#-content) 2.11 Bug Bounty
| Tool | Description |
| -------------------------------------------------- | ------------------------------------------------------------------------------------------------ |
| [123Contact Form](https://www.123contactform.com) | A versatile form builder for websites and mobile applications. |
| [99designs](https://99designs.com) | A platform to connect designers with clients needing logos, websites, and more. |
| [Abacus](https://www.abacus.com) | A tool for simplifying expense reporting and tracking for businesses. |
| [Acquia](https://www.acquia.com) | Cloud-based solutions for managing and optimizing digital experiences on Drupal. |
| [ActiveCampaign](https://www.activecampaign.com) | A customer experience automation platform for email marketing and CRM. |
| [ActiveProspect](https://activeprospect.com) | A SaaS platform to automate lead acquisition and qualification processes. |
| [Adobe](https://www.adobe.com) | Industry-leading software solutions for creative professionals, including Photoshop and Acrobat. |
| [AeroFS](https://www.aerofs.com) | A private cloud collaboration tool for secure team file sharing. |
| [Airbitz](https://airbitz.co) | A secure Bitcoin wallet and platform for decentralized applications. |
| [Airbnb](https://www.airbnb.com) | A platform for booking short-term homestays and unique travel experiences. |
| [Algolia](https://www.algolia.com) | A search and discovery API for websites and mobile applications. |
| [Altervista](https://www.altervista.org) | A platform for creating free blogs and websites with monetization options. |
| [Altroconsumo](https://www.altroconsumo.it) | Italy's largest consumer organization offering product reviews and advice. |
| [Amara](https://amara.org) | A tool for creating and managing subtitles for videos collaboratively. |
| [Amazon Web Services](https://aws.amazon.com) | A comprehensive cloud platform offering computing power, storage, and other services. |
| [Amazon.com](https://www.amazon.com) | The world's largest online retailer offering a vast array of products and services. |
| [ANCILE Solutions Inc.](https://www.ancile.com) | Solutions for creating and delivering on-demand learning and performance support. |
| [Anghami](https://www.anghami.com) | A music streaming platform focused on Arabic content. |
| [ANXBTC](https://anxbtc.com) | A Bitcoin trading and exchange platform. |
| [Apache httpd](https://httpd.apache.org) | An open-source HTTP server for hosting websites and applications. |
| [Appcelerator](https://www.appcelerator.com) | A cross-platform mobile app development tool. |
| [Apple](https://www.apple.com) | A global leader in consumer electronics, software, and online services. |
| [Apptentive](https://www.apptentive.com) | A platform for mobile app engagement and customer feedback. |
| [Aptible](https://www.aptible.com) | A security and compliance platform for DevOps teams. |
| [Ardour](https://ardour.org) | A digital audio workstation for recording, editing, and mixing sound. |
| [Arkane](https://www.arkane.network) | A blockchain wallet and API service for developers. |
| [ARM mbed](https://www.mbed.com) | A platform for IoT device development and deployment. |
| [Asana](https://asana.com) | A project management tool for team collaboration and task tracking. |
| [YesWeHack](https://www.yeswehack.com) | A global bug bounty and vulnerability disclosure platform. |
| [intigriti](https://www.intigriti.com) | A leading European platform for crowdsourced security testing. |
| [HackerOne](https://www.hackerone.com) | A vulnerability coordination and bug bounty platform connecting businesses with hackers. |
| [Bugcrowd](https://www.bugcrowd.com) | A platform offering managed bug bounty programs and vulnerability disclosure. |
| [Cobalt](https://cobalt.io) | A pen-testing as a service platform with a global community of security experts. |
| [Bountysource](https://www.bountysource.com) | A funding platform for open-source projects and software development bounties. |
| [Bounty Factory](https://bountyfactory.io) | A platform for launching bug bounty programs with a community of ethical hackers. |
| [BMW Group Bug Bounty](https://www.bmwgroup.com/en/general/Security.html)| The security of our products and services is top priority for us |
| [Coder Bounty](https://coderbounty.com) | A platform for developers to earn rewards by solving coding challenges. |
| [FreedomSponsors](https://www.freedomsponsors.org) | A funding platform for open-source software improvements and bug fixes. |
| [FOSS Factory](https://fossfactory.org) | A platform for funding free and open-source software development. |
| [Synack](https://www.synack.com) | A crowdsourced security platform combining automation with a network of ethical hackers. |
| [HackenProof](https://hackenproof.com) | A bug bounty and vulnerability coordination platform for businesses. |
| [Detectify](https://detectify.com) | A SaaS platform offering web vulnerability scanning and crowdsourced security. |
| [Bugbountyjp](https://bugbounty.jp) | A Japanese platform for launching and managing bug bounty programs. |
| [Safehats](https://safehats.com) | A vulnerability coordination platform for organizations to work with ethical hackers. |
| [BugbountyHQ](https://www.bugbountyhq.com) | A community platform for ethical hackers to collaborate and find bug bounty opportunities. |
| [Hackerhive](https://hackerhive.com) | A security platform for crowdsourced vulnerability assessments and bug bounties. |
| [Hacktrophy](https://www.hacktrophy.com) | A Slovak bug bounty platform for finding vulnerabilities in digital assets. |
| [AntiHACK](https://antihack.me) | A bug bounty and penetration testing platform based in Asia. |
| [CESPPA](https://cesppa.com) | A cybersecurity and bug bounty platform for coordinated vulnerability disclosure. |
|[Bug Bounty Hunting](https://www.bugbountyhunting.com/)|Bug Bounty Hunting Search Engine|
|[exifharvester](https://github.com/msegoviag/exifharvester)|Automatic tool for extracting EXIF metadata from website images and sets of URLs. A perfect tool for bug hunters and OSINT researchers.|
|[Ripper Web Content - Capture Metadata Content](https://chromewebstore.google.com/detail/ripper-web-content-captur/popfhajlkgkiecedhefhifccngogomgh?hl=es&authuser=0&pli=1)|Extension that analyses and extracts metadata from content found on the web.|
### [↑](#-content) 2.12 Binary Explotation
| Tool | Description |
| -------------------------------------------------- | ------------------------------------------------------------------------------------------------ |
|[Nightmare](https://guyinatuxedo.github.io/index.html)|Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges. I call it that because it's a lot of people's nightmare to get hit by weaponized 0 days, which these skills directly translate into doing that type of work.|
|[pwntools](https://github.com/Gallopsled/pwntools)|CTF framework and exploit development library|
|[gef](https://github.com/hugsy/gef)|GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux|
|[Angr](https://angr.io/)| angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic ("concolic") analysis, providing tools to solve a variety of tasks.|
### [↑](#-content) 2.13 CCTV
| Tool | Description |
| -------------------------------------------------- | ------------------------------------------------------------------------------------------------ |
|[HackCCTV](https://github.com/mohammadmahdi-termux/hackCCTV/) |Python Script for CCTV around the world.|
## 3. [↑](#-content) Cryptography
### 3.1 [↑](#-content) Cryptography
| Tools | Description |
| ------------------------------------------------ | -------------------------------------------------------------------------------------- |
| [xortool](https://github.com/hellman/xortool) | A tool to analyze multi-byte XOR cipher |
| [John the Ripper](http://www.openwall.com/john/) | A fast password cracker |
| [Aircrack](http://www.aircrack-ng.org/) | Aircrack is 802.11 WEP and WPA-PSK keys cracking program. |
| [Ciphey](https://github.com/ciphey/ciphey) | Automated decryption tool using artificial intelligence & natural language processing. |
| [Cyberchef](https://gchq.github.io/CyberChef) | A powerful web-based tool