A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

MCP server for AI agent for cybersecurity: automate assessment of documents, questionnaires & reports. Multi-format parsing, RAG knowledge base,Risks, compliance gaps, remediations.

Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates shares, recursively scans files with regex/keyword rules, highlights matched tokens on screen, and exports clean ASCII tables. Supports DOCX/PDF/legacy Office and depth limits.

Free, open-source Microsoft 365 security assessment tool. Evaluates 23 findings, auto-remediates with rollback, generates professional reports, and simulates attack chains. Windows, local, no data leaves your machine.

MAES: M365 Analyzer & Extractor Suite Po

NIST Cybersecurity Framework (CSF) Profile Assessment Tool - Track controls, assign ownership, document findings, score security states, and export for visualization

PowerShell security reporting framework for Microsoft 365 identity posture assessment. Analyzes Authentication Context, PIM, Conditional Access & more.

PowerShell toolkit for assessing DES/RC4 Kerberos encryption in Active Directory. Detects weak encryption across domain controllers, trusts, and event logs. Built for the January 2026 update and July 2026 RC4 removal deadlines.

RoboMate-Cloud-Automation

AI-powered security research assistant for Claude Code — structured assessment workflows, tool orchestration, and professional reporting across recon, enumeration, vulnerability scanning, and secrets auditing. Built for security researchers and bug bounty hunters who want Claude as an analyst, not a command generator.

GitIntel is a robust GitHub OSINT tool crafted to reveal concealed insights from GitHub repositories and user profiles. Its capabilities make it an invaluable resource for ethical hacking, security assessments, and intelligence gathering in the realm of software development.

Rogue.sh is an automated Bash script for Linux systems that performs Nmap scans, sets up Metasploit, exploits vulnerabilities, downloads sensitive files, gathers credentials, and executes post-exploitation tasks, providing a comprehensive overview of a target system's vulnerabilities and security measures.

MottaHunter: Advanced email reconnaissance tool for security professionals. Hunt emails across Google, Twitter, and LinkedIn, validate via SMTP, and generate smart permutations. Features rate limiting, catch-all detection, and permutation splitting for stealth operations.

Metadata-first trust control plane for authorized security workflows, evidence retention, release trust, and business-flow proof.

Cross-platform mobile device analysis framework for Android and iOS security research, penetration testing, and forensic analysis. Python-based toolkit with comprehensive device introspection, vulnerability scanning, and advanced manipulation capabilities.

SQL Server Security Assessment tool

AWS security assessment platform with AI-powered analysis

AD April ’26 Check0r is a read-only PowerShell tool to assess on-prem AD for the April 2026 Kerberos RC4→AES change. It inventories SPN accounts, flags risky msDS-SupportedEncryptionTypes/KDC overrides, and collects DC System readiness events (201–209) to predict breakage and guide fixes.

Powerful Python SSH brute force tool with multi-threaded architecture, advanced honeypot detection, real-time statistics, and system reconnaissance. Perfect for authorized security testing and penetration testing.

Credential Reuse0r is a fast, multithreaded offensive security tool for testing credential reuse across multiple network services, especially in Windows Active Directory environments.