DvwaDamn Vulnerable Web Application (DVWA)
Stars: ✭ 5,727 (+451.73%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (-71.1%)
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
Stars: ✭ 25 (-97.59%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (-10.02%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-97.88%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (-62.72%)
organonThis program focuses on automating the download, installation and compilation of pentest tools from source
Stars: ✭ 36 (-96.53%)
Cs7038 Malware AnalysisCourse Repository for University of Cincinnati Malware Analysis Class (CS[567]038)
Stars: ✭ 378 (-63.58%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (-92.58%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-63.58%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+646.82%)
PyrdpRDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Stars: ✭ 567 (-45.38%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-71.39%)
DiodbOpen-source vulnerability disclosure and bug bounty program database.
Stars: ✭ 654 (-36.99%)
Searpy🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (-89.98%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+302.02%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (-94.89%)
ChangemeA default credential scanner.
Stars: ✭ 928 (-10.6%)
PhirauteeA proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.
Stars: ✭ 96 (-90.75%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-96.72%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-37.96%)
SubfinderSubfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Stars: ✭ 4,509 (+334.39%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+713.97%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (-45.66%)
Pentest LabPentest Lab on OpenStack with Heat, Chef provisioning and Docker
Stars: ✭ 353 (-65.99%)
giggerGit folder digger, I'm sure it's worthwhile stuff.
Stars: ✭ 39 (-96.24%)
Cve 2019 07083389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Stars: ✭ 350 (-66.28%)
MooscanA scanner for Moodle LMS
Stars: ✭ 22 (-97.88%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (-35.07%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (-66.76%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-83.91%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (-40.17%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-95.57%)
WinappdbgWinAppDbg Debugger
Stars: ✭ 338 (-67.44%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (-68.88%)
TakeoverA tool for testing subdomain takeover possibilities at a mass scale.
Stars: ✭ 28 (-97.3%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (-23.8%)
PywerviewA (partial) Python rewriting of PowerSploit's PowerView
Stars: ✭ 292 (-71.87%)
IdentywafBlind WAF identification tool
Stars: ✭ 291 (-71.97%)
ConstoleScan for and exploit Consul agents
Stars: ✭ 37 (-96.44%)
Pentest EnvPentest environment deployer (kali linux + targets) using vagrant and chef.
Stars: ✭ 610 (-41.23%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (-93.06%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (-13.58%)
Jsfscan.shAutomation for javascript recon in bug bounty.
Stars: ✭ 287 (-72.35%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-46.44%)
SubzySubdomain takeover vulnerability checker
Stars: ✭ 287 (-72.35%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+237.48%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-24.28%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+472.54%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+234.59%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+226.69%)