
truerandom / crawleet

Licence: other
Web Recon & Exploitation Tool.

Programming Languages: python, javascript, CSS, shell

          ``                                                              
     `:    .//-.   -:-`                                                   
   `  -s`   `odo-`  .y+.                                                  
   /   od+`   .dmy+.  omo-                                                
   +:  `hNy.   -sMNs-``/Nd+.        ▄▄· ▄▄▌   ▄▄▄· ▄▄▌ ▐ ▄▌▄▄▌  ▄▄▄ .▄▄▄  
   .d/` .hMd/-` .yMMm/``-yMh.      ▐█ ▌▪██•  ▐█ ▀█ ██· █▌▐███•  ▀▄.▀·▀▄ █·
   `oN+  -NMh:. .-NMMy. `-mMm:`    ██ ▄▄██▪  ▄█▀▀█ ██▪▐█▐▐▌██▪  ▐▀▀▪▄▐▀▀▄ 
    -MN. `/mMm+. .ohNNs. `.sMN/`   ▐███▌▐█▌▐▌▐█ ▪▐▌▐█▌██▐█▌▐█▌▐▌▐█▄▄▌▐█•█▌
    -dMo` `yNMm:`  `-hM+.  `sNh.   ·▀▀▀ .▀▀▀  ▀  ▀  ▀▀▀▀ ▀▪.▀▀▀  ▀▀▀ .▀  ▀
    `.dM/  `-dMh-`   -Nm/.   :d+                                          
     -mMd:`  :mN+`    -sy`    `:                                          
      +dMs`   .ss`      /.      `  		by truerandom
       .mN:    .o-       `         
        .+s      -`                
          .:                       
                                   

Crawleet

Web Recon & Exploitation Tool.
It detects and exploits flaws in:

  • Drupal
  • Joomla
  • Magento
  • Moodle
  • OJS
  • Struts
  • Wordpress

It also enumerates themes, plugins and sensitive files, and detects:

  • Crypto mining scripts
  • Malware

The tool is extensible using XML files.

Installation

  1. Use linuxinstaller.sh
  2. Or use pip to install the following libraries:
    • requests
    • anytree
    • lxml

Usage

  • python crawleet.py -u <starting url>
  • python crawleet.py -l <file with sites>

Report

It generates reports in the following formats:

  • html
  • txt
  • xml

All Options

Options:
  -h, --help            show this help message and exit
  -a USERAGENT, --user-agent=USERAGENT
                        Set User agent
  -b, --brute           Enable Bruteforcing for resource discovery
  -c CFGFILE, --cfg=CFGFILE
                        External tools config file
  -d DEPTH, --depth=DEPTH
                        Crawling depth
  -e EXCLUDE, --exclude=EXCLUDE
                        Resources to exclude (comma delimiter)
  -f, --redirects       Follow Redirects
  -g STARTLINKS, --startlinks=STARTLINKS
                        Add additional start links to crawl
  -i TIME, --time=TIME  Delay between requests
  -k COOKIES, --cookies=COOKIES
                        Set cookies
  -l SITELIST, --site-list=SITELIST
                        File with sites to scan (one per line)
  -m, --color           Colored output
  -n TIMEOUT, --timeout=TIMEOUT
                        Timeout for request
  -o OUTPUT, --output=OUTPUT
                        Output formats txt,html
  -p PROXY, --proxy=PROXY
                        Set Proxies "http://ip:port;https://ip:port"
  -r, --runtools        Run external tools
  -s, --skip-cert       Skip Cert verifications
  -t, --tor             Use tor
  -u URL, --url=URL     Url to analyze
  -v, --verbose         Verbose mode
  -w WORDLIST, --wordlist=WORDLIST
                        Bruteforce wordlist
  -x EXTENSIONS, --exts=EXTENSIONS
                        Extensions to use for bruteforce
  -y, --backups         Search for backup files
  -z MAXFILES, --maxfiles=MAXFILES
                        Max files in the site to analyze
  --datadir=DATADIR     data directory
  --save                Save the start page source code
  --threads=THREADS     Number of threads to use