Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
NsablocklistHOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
AttifyosAttify OS - Distro for pentesting IoT devices
KeyloggerGet Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
CharlatanoProves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems
ZipA portable, simple zip library written in C
Ios Debug Hacks🎯 Advanced debugging skills used in the iOS project development process, involves the dynamic debugging, static analysis and decompile of third-party libraries. iOS 项目开发过程中用到的高级调试技巧,涉及三方库动态调试、静态分析和反编译等领域
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
ThefatratThefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
DvwaDamn Vulnerable Web Application (DVWA)
FavfreakMaking Favicon.ico based Recon Great again !
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
RedcloudAutomated Red Team Infrastructure deployement using Docker
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Impulse💣 Impulse Denial-of-service ToolKit
Name That Hash🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥
Onexonex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
OsrframeworkOSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
HacktheworldAn Python Script For Generating Payloads that Bypasses All Antivirus so far .
HerculesHERCULES is a special payload generator that can bypass antivirus softwares.
A2svAuto Scanning to SSL Vulnerability
Autoblue Ms17 010This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010
Saint👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]
Logkeys📝 ⌨️ A GNU/Linux keylogger that works!
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
ReconpiReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
DarthsidiousBuilding an Active Directory domain and hacking it
HackerproAll in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
InstainsaneMulti-threaded Instagram Brute Forcer (100 attemps at once)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
GobyAttack surface mapping
PentestkitUseful tools and scripts during Penetration Testing engagements
Hacking Tools RepositoryA list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
HulkHULK DoS tool ported to Go with some additional features.