A centralised repository of the newest and top-rated infosec tools and content. Get your profile on Pentestlist.com now! 🙏
Joined May 2024
- Tweets 527
- Following 209
- Followers 802
- Likes 587
144 Photos and videos
Apr 12
Name one feature in your SaaS that, if you had shipped it one sprint, one quarter, or even one year earlier, could have completely changed your growth trajectory.
1
64
11 Oct 2025
🚨 Pentest List Tool Spotlight 🚨
EnumEDRs
Tool written in C which enumerates EDR's running on the system by enumerating current processes and loaded drivers. It loops through both of them and print if any defined EDR's are present.
github.com/0xJs/EnumEDRs
2
112
Pentest List retweeted
10 Oct 2025
When we launched PentestList v1 last year, I just wanted a simple place to find the best and newest infosec resources.
Today, I’m releasing PentestList v2 🚀
After a year of feedback and some user growth, we’ve redesigned the experience and added a bunch of new features:
✅ User Dashboard
✅ Utilities (DNS/TLS checks, OSINT tools, etc)
✅ Connect (find others like you)
Go take a look, if you want..
You might see some familiar faces @_JohnHammond @NahamSec @NetworkChuck @TomNomNom
3
11
50
7,903
Pentest List retweeted
9 Oct 2025
PentestList v2, coming very soon...
2
18
153
9,134
Pentest List retweeted
3 Oct 2025
Had one beta tester so far.. and I quote:
"Yoooo that's awesome lol. I like this. More consolidated and better layout"
1
126
Pentest List retweeted
3 Oct 2025
I released PentestList in mid 2024.
The idea was good, it built some nice visitor statistics, but there was a lot that needed improving.
Does anyone want to beta test PentestList v2?
1
1
2
327
Pentest List retweeted
15 Sep 2025
Had @techspence's tweet bookedmarked for nearly a month😅. Just used it, along with some of my own thoughts and AIs suggestions to come up with a nice list to add to my internal pentest notes.
Too big for one tweet so check replies😄
18 Aug 2025
Types of credential files I look for on internal pentests:
- kdbx
- unattend
- web config
- config/ini
- ps1/bat/cmd/vba
- sql
- vmdk (not a cred file but obv has stored creds)
- BCDR documentation
- powershell console history
There are others I’m surely missing off the top of my head…
1
4
32
8,781
Pentest List retweeted
25 Aug 2025
I always forget to delete 2FA tokens from my mobile app after I have finished a security assessment and the account has been deleted.
I have so many tokens and I don't know which are still used and which are not😅So, I fixed that issue:
github.com/MrTurvey/temp2fa
1
1
4
192
Pentest List retweeted
21 Aug 2025
You know what's annoying on security assessments?
Web proxies and hardened machines (No USB, no SMB, etc)
So, avoid that and use my new tool. It incorporates Cloudflared to ~hopefully~ bypass web proxies and allow you to get data out of the environment.
github.com/MrTurvey/slipstre…
1
2
3
270
Pentest List retweeted
6 Aug 2025
Do you need a VPN right now? Well, I made a tool.
It uses AWS and @WireGuardVPN to give you a new IP address, in minutes.
Simply copy the client config into your WireGuard app
github.com/MrTurvey/FastWGvp…
2
7
366
5 Jul 2025
🚨 Pentest List Tool Spotlight 🚨
Secrets Ninja
Secrets Ninja is an GUI tool for validating & investigating API keys discovered during pentesting & bug bounty hunting.
Find it here: secrets.ninja/autopilot
#bugbounty #appsec
2
176
2 Jul 2025
🚨 Pentest List Tool Spotlight 🚨
proxyblob
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication
Find it here: github.com/quarkslab/proxybl…
2
114
20 Jun 2025
🚨 Pentest List Tool Spotlight 🚨
CrossLinked
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Find it here: github.com/m8sec/CrossLinked
3
106
6 Jun 2025
🚨 Pentest List Tool Spotlight 🚨
evil-winrm-py
Execute commands interactively on remote Windows machines using the WinRM protocol
Find it here: github.com/adityatelange/evi…
1
2
334
3 Jun 2025
🚨 Pentest List Tool Spotlight 🚨
RedTeamTP
Automated deployment of red team infrastructure through GitHub Actions. It supports configurable C2 frameworks and phishing.
Find it here: github.com/CultCornholio/Red…
4
149
20 May 2025
🚨 Pentest List Tool Spotlight 🚨
PowerDodder
A persistence utility for stealthily embedding commands into existing script files by leveraging files that are frequently accessed but rarely modified.
Find it here: github.com/itaymigdal/PowerD…
1
87
19 May 2025
🚨 Pentest List Tool Spotlight 🚨
EntraFalcon
PowerShell tool for assessing the security of Entra ID environments. Identify privileged objects, risky assignments, and potential misconfigurations.
Find it here: github.com/CompassSecurity/E…
1
173
28 Feb 2025
🚨 Pentest List Tool Spotlight 🚨
HExHTTP
HExHTTP is a tool designed to perform tests on HTTP headers and analyze the results to identify vulnerabilities and interesting behaviours.
Find it here: github.com/c0dejump/HExHTTP
1
130
19 Feb 2025
🚨 Pentest List Tool Spotlight 🚨
psudohash
Generates millions of keyword-based password mutations in seconds.
Find it here: github.com/t3l3machus/psudoh…
3
163
8 Jan 2025
🚨 Pentest List Tool Spotlight 🚨
ADcheck
Assess the security of your Active Directory with few or all privileges.
Find it here: github.com/CobblePot59/ADche…
#redteam #blueteam #bugbounty
167