WhatWaf – Detect and bypass web application firewalls

WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall,

Heralding – Credentials catching honeypot

Heralding is low interaction honeypot that will allow user to emulate several protocols with a credentials user interface.

Bettercap – swiss army knife for network attacks and monitoring

Bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack.

DetectionLab – Lab environment with complete security tooling

DetectionLab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online

SniffAir – A framework for wireless pentesting

SniffAir is an open-source wireless security framework which provides the ability to easily parse passively collected wireless data as well as launch sophisticated wireless attacks.

Pacu – AWS penetration testing toolkit

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments.

Parrot – security-oriented operating system

Parrot (Parrot Security, ParrotOS, Parrot GNU/Linux) is a free and open source GNU/Linux distribution based on Debian Testing designed for security experts, developers and privacy aware people.