Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Stars: ✭ 775 (+416.67%)

Mutual labels: hacking, pentest, infosec

Spiderfoot

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Stars: ✭ 6,882 (+4488%)

Mutual labels: osint, infosec, pentest

Iky

OSINT Project

Stars: ✭ 203 (+35.33%)

Mutual labels: osint, hacking, infosec

Cloakify

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Stars: ✭ 1,136 (+657.33%)

Mutual labels: hacking, pentest, infosec

Raccoon

A high performance offensive security tool for reconnaissance and vulnerability scanning

Stars: ✭ 2,312 (+1441.33%)

Mutual labels: osint, hacking, offensive-security

aquatone

A Tool for Domain Flyovers

Stars: ✭ 43 (-71.33%)

Mutual labels: osint, infosec, pentest

Urlcrazy

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Stars: ✭ 150 (+0%)

Mutual labels: osint, hacking, infosec

Gosint

OSINT Swiss Army Knife

Stars: ✭ 401 (+167.33%)

Mutual labels: osint, pentest, infosec

Asnlookup

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Stars: ✭ 163 (+8.67%)

Mutual labels: hacking, pentest, infosec

Crithit

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Stars: ✭ 182 (+21.33%)

Mutual labels: hacking, infosec, offensive-security

Reconspider

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Stars: ✭ 621 (+314%)

Mutual labels: osint, hacking, pentest

Reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Stars: ✭ 974 (+549.33%)

Mutual labels: hacking, pentest, sqli

View All Similar Projects ➔

Offensive Dockerfiles

Security-oriented Docker containers, ready to fire!

This repository contains a collection of security-oriented tools as Dockerfiles.

This makes it easy to deploy various mission dependent tools using common cloud providers (AWS, Azure, Linode..).

The containers are built using Docker. Each container is made to suit required dependencies for each tool.

⭐️ Features

Cross-platform deploy helper script included
Manage cloud-based scans and attacks from your terminal
Datacenter fiber internet connection, but still from your terminal!
Keep your local environment clean from all those attack toolz
☁️ Become a real nomad ninja ☁️
Mix and match with the Red Team Infractructure Guide and Red Baron!

Efforts have been made to keep Dockerfiles minimal.

🔍 Example with sqlmap:

git clone https://github.com/khast3x/Offensive-Dockerfiles.git
cd Offensive-Dockerfiles/sqlmap
docker build -t sqlmap .
docker run -it sqlmap:latest --wizard

🔍 deployHelper binary demo:

🚀 Working:

Name	Description
tulpar	Web Vulnerability Scanner
nmap + Vulscan + Vulners scripts	Latest Nmap Scripting Engine (NSE) modules, as well as the Vulscan NSE script and the vulners API to NSE script.
sqlmap	Automatic SQL injection and database takeover tool
dcrawl	Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names.
V3n0m Scanner	Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
golismero	The Web Knife
sqliv	massive SQL injection vulnerability scanner
datasploit	Performs OSINT on a domain / email / username / phone
gitminer	Tool for advanced mining for content on Github
Cr3d0v3r	Know the dangers of credential reuse attacks
UFONet	UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
Striker	Striker is an offensive information and vulnerability scanner
emailHarvester	Email addresses harvester
BruteX	Automatically brute force all services running on a target
BlackWidow	A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website
Shiva	Improved DOS exploit for wordpress websites (CVE-2018-6389)
Memcrashed	This tool allows you to send forged UDP packets to Memcached servers obtained from Shodan.io
ctfr	Domain enumeration, it just abuses of Certificate Transparency logs
twa	A tiny web auditor with strong opinions
Photon	Incredibly fast crawler designed for OSINT
CMSeek	CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 130 other CMSs
HashBuster	Crack hashes in seconds

To push to repo (currently are sitting as forks)

CloudScraper
hershell
Merlin

Notes:

Adding them as I go. Don't expect production-ready images
Uses either python-slim or python-alpine
Tools will show help dialog if no arguments are passed

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 150

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (2) 🔗