Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Stars: ✭ 121 (-22.93%)

Mutual labels: pentesting, pentest-tool

Ssrf Testing

SSRF (Server Side Request Forgery) testing resources

Stars: ✭ 1,718 (+994.27%)

Mutual labels: pentesting, pentest-tool

Jwtxploiter

A tool to test security of json web token

Stars: ✭ 130 (-17.2%)

Mutual labels: pentesting, pentest-tool

Ldap search

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Stars: ✭ 78 (-50.32%)

Mutual labels: pentesting, pentest-tool

Cloakify

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Stars: ✭ 1,136 (+623.57%)

Mutual labels: pentesting, pentest-tool

Pentest Notes

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Stars: ✭ 89 (-43.31%)

Mutual labels: pentesting, security-audit

Resources

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Stars: ✭ 62 (-60.51%)

Mutual labels: pentesting, security-audit

Vulmap

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Stars: ✭ 1,079 (+587.26%)

Mutual labels: pentesting, pentest-tool

Sqlite Lab

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Stars: ✭ 140 (-10.83%)

Mutual labels: pentesting, security-audit

Nmap Nse Info

Browse and search through nmap's NSE scripts.

Stars: ✭ 54 (-65.61%)

Mutual labels: pentesting, pentest-tool

Burpsuite Collections

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Stars: ✭ 1,081 (+588.54%)

Mutual labels: pentesting, pentest-tool

Horn3t

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Stars: ✭ 120 (-23.57%)

Mutual labels: pentesting, security-audit

View All Similar Projects ➔

Git Scanner Framework

This tool can scan websites with open .git repositories for Bug Hunting/ Pentesting Purposes and can dump the content of the .git repositories from webservers that found from the scanning method. This tool works with the provided Single target or Mass Target from a file list.

Installation

- git clone https://github.com/HightechSec/git-scanner
- cd git-scanner
- bash gitscanner.sh

or you can install in your system like this

- git clone https://github.com/HightechSec/git-scanner
- cd git-scanner
- sudo cp gitscanner.sh /usr/bin/gitscanner && sudo chmod +x /usr/bin/gitscanner
- $ gitscanner

Usage

Menu's
- Menu 1 is for scanning and dumping git repositories from a provided file that contains the list of the target url or a provided single target url.
- Menu 2 is for scanning only a git repositories from a provided file that contains the list of the target url or a provided single target url.
- Menu 3 is for Dumping only the git repositories from a provided file that contains list of the target url or a provided single target url. This will work for the Maybe Vuln Results or sometimes with a repository that had directory listing disabled or maybe had a 403 Error Response.
- Menu 4 is for Extracting files only from a Folder that had .git Repositories to a destination folder
URL Format
- Use http:// like http://example.com or https:// like https://example.com for the url formatting
- Make sure use this format in the files that contains the list of possible target that you have, Example:
Extractor
- When using Extractor, make sure the location of the git repositories that you select are correct. Remember, The first option is for inputing the Selected git repository and the second option is for inputing the Destination folder

Requirements

curl
bash
git
sed

Todos

Creating a Docker Images if it's possible
~~Adding Extractor on the next Version~~ Added in version 1.0.2#beta but still experimental.
Adding ~~Thread Processing~~ Multi Processing (Bash doesn't Support Threading)

Changelog

All notable changes to this project listed in this file

Credits

Thanks to:

GitTools by internetwache
Mass Git Scanner by Ade Little

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 157

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (2) 🔗