MeduzaA more or less universal SSL unpinning tool for iOS
CloudmareCloudflare, Sucuri, Incapsula real IP tracker.
Mysql Unsha1Authenticate against a MySQL server without knowing the cleartext password
StracciatellaOpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
PsbypassclmBypass for PowerShell Constrained Language Mode
WhatwafDetect and bypass web application firewalls and protection systems
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Pingtunnelping tunnel is a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
HumanoidNode.js package to bypass CloudFlare's anti-bot JavaScript challenges
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
AttUsing Asuswrt-Merlin to bypass AT&T's residential gateway
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
MhddosBest DDoS Attack Script Python3, Cyber Attack With 36 Method
NsudoSeries of System Administration Tools
EmofishesEmofishes is a collection of proof of concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones setup for malware analysis).
Ripv6Random IPv6 - circumvents restrictive IP address-based filter and blocking rules
SpookflareLoader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
ThefatratThefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
HacktheworldAn Python Script For Generating Payloads that Bypasses All Antivirus so far .
BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Trustmealready🔓 Disable SSL verification and pinning on Android, system-wide
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Hack🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Bebasidbebasid dapat membantu membuka halaman situs web yang diblokir oleh pemerintah Indonesia dengan memanfaatkan hosts file.
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
MouseInjectDetectionSimple method of checking whether or not mouse movement or buttons (<windows 10) are injected
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
CFX-BYPASSBypass it, you won't be Banned when playing cheats 2022
bypassAV免杀 defender 360 cobalstrike shellcode
Mega-index-herokuMega nz heroku index, Serves mega.nz to http via heroku web. It Alters downloading speed and stability