Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-52.09%)
BrutedumBruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
Stars: ✭ 212 (-44.5%)
CalderaAutomated Adversary Emulation Platform
Stars: ✭ 3,126 (+718.32%)
RubyfuRubyfu, where Ruby goes evil!
Stars: ✭ 228 (-40.31%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (-0.26%)
WebanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (-18.59%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-70.16%)
Terminhack👨💻 Impress your friends by pretending to be a real hacker
Stars: ✭ 73 (-80.89%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (-28.53%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (-21.47%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-86.39%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (-10.47%)
SSI Extra MaterialsIn my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (-89.01%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (-62.83%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (-21.47%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (-34.29%)
Intel-OneCommand line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…
Stars: ✭ 23 (-93.98%)
CnC-detectionDetecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation
Stars: ✭ 15 (-96.07%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+489.27%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (-9.69%)
TelekillerA Tools Session Hijacking And Stealer Local Passcode Telegram Windows
Stars: ✭ 122 (-68.06%)
OpenVAS-DockerA Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-95.81%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-94.24%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (-81.41%)
BrahmaBrahma - Privilege elevation exploit for Nintendo 3DS
Stars: ✭ 34 (-91.1%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-84.29%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-77.49%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-59.69%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (-25.39%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-91.1%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-22.25%)
Ip AttackAuto IP or Domain Attack Tool ( #1 )
Stars: ✭ 162 (-57.59%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (-56.28%)
Privilege EscalationThis cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Stars: ✭ 2,117 (+454.19%)
break-fast-serialA proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (-86.13%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (-82.72%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+879.32%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-55.76%)
Drupalgeddon3Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)
Stars: ✭ 18 (-95.29%)
GoPhish-TemplatesGoPhish Templates that I have retired and/or templates I've recreated.
Stars: ✭ 76 (-80.1%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-69.11%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-50.26%)
exynos-usbdlUnsigned code loader for Exynos BootROM
Stars: ✭ 57 (-85.08%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-51.83%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (-85.86%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-79.32%)
Andrax Mobile PentestANDRAX The first and unique Penetration Testing platform for Android smartphones
Stars: ✭ 394 (+3.14%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-67.02%)
exploitsSome of my public exploits
Stars: ✭ 50 (-86.91%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (-31.94%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-82.72%)
Vulnerable AdCreate a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360 (-5.76%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (-87.43%)