Authorized security testing workspace. v2 TypeScript terminal product on release; v1 Python on pypi-release; Go branch is demo only.
Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates shares, recursively scans files with regex/keyword rules, highlights matched tokens on screen, and exports clean ASCII tables. Supports DOCX/PDF/legacy Office and depth limits.
Advanced mobile security research platform for authorized testing and educational purposes
WebSource Harvester is an educational web-source harvester that crawls a site (BFS, depth-controlled), downloads browser-visible assets (HTML, CSS, JS, images, fonts, PDFs), and rewrites paths so pages work offline, including nested routes. It enforces same-origin limits and is designed for learning, offline analysis, and safe portfolio demos.
Powerful Python SSH brute force tool with multi-threaded architecture, advanced honeypot detection, real-time statistics, and system reconnaissance. Perfect for authorized security testing and penetration testing.
Credential Reuse0r is a fast, multithreaded offensive security tool for testing credential reuse across multiple network services, especially in Windows Active Directory environments.
SMB Inspect0r is a fast multithreaded Python tool to scan networks for accessible SMB shares, supporting both anonymous and authenticated logins. Features include progress tracking, and detailed output of discovered shares.
A lightweight Rust CLI for authorized JWT security testing and lab use.
AD-Descript0r is a Python tool for Active Directory reconnaissance. It authenticates against a Domain Controller, retrieves all usernames and their descriptions, and displays the results in a clean table with colored output
Advanced network stress testing tool for controlled environments. Multi-protocol packet generation (UDP/TCP/ICMP/IPv6/ARP) with built-in safety validation, audit logging, and real-time statistics. Designed for authorized network testing and educational purposes only.
RTSP Brute Force Tool: A powerful utility for security testing of RTSP services through systematic credential brute forcing, designed for ethical hacking and educational purposes.
Blackbox pentesting agent for controlled local labs, evidence gated exploit chains, memory-assisted learning, and benchmark eval.
Discover 200+ CTF and bug bounty payloads with 8 categories for fast testing, research, and exploit development
Post-exploitation keylogger with C2 listener for authorized red team engagements
Shellcode Weaver is a professional security research and educational tool designed for authorized testing and learning about shellcode generation, analysis, and mutation. Written in Python, it serves as a comprehensive toolkit for security professionals, researchers, and students who need to understand low-level code execution and security testing
Offensive payload generator: reverse shells, web shells, XSS/SQLi/CMDi/LFI payloads with encoding variants
Encoding-transformation utility for authorized testing, defensive validation and controlled lab learning.
分类:安全研究|HexStrike AI MCP 安全工具研究与观察
Authorized DuckyScript payload to install Windows-MCP and report status to Discord.
Add a description, image, and links to the authorized-testing topic page so that developers can more easily learn about it.
To associate your repository with the authorized-testing topic, visit your repo's landing page and select "manage topics."