ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-90.08%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+61.64%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (-51.15%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (-21.18%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-83.4%)
Lor Axe🪓 a multi-threaded, low-bandwidth HTTP DOS tool
Stars: ✭ 72 (-86.26%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-79.96%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+2237.02%)
Zeebsploitweb scanner - exploitation - information gathering
Stars: ✭ 159 (-69.66%)
WhatcmsCMS Detection and Exploit Kit based on Whatcms.org API
Stars: ✭ 205 (-60.88%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-2.86%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+104.77%)
Ble Security Attack Defence✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
Stars: ✭ 88 (-83.21%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-86.07%)
EnteletaorMessage Queue & Broker Injection tool
Stars: ✭ 139 (-73.47%)
Ntlmscanscan for NTLM directories
Stars: ✭ 141 (-73.09%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-19.08%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-76.15%)
quick-scriptsA collection of my quick and dirty scripts for vulnerability POC and detections
Stars: ✭ 73 (-86.07%)
one-scan多合一网站指纹扫描器,轻松获取网站的 IP / DNS 服务商 / 子域名 / HTTPS 证书 / WHOIS / 开发框架 / WAF 等信息
Stars: ✭ 44 (-91.6%)
mondoo🕵️♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management
Stars: ✭ 60 (-88.55%)
log4shell-finderFastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.
Stars: ✭ 22 (-95.8%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-52.29%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+461.45%)
SlowlorisAsynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-90.27%)
PillagerPillage filesystems for sensitive information with Go.
Stars: ✭ 64 (-87.79%)
Pythempentest framework
Stars: ✭ 1,060 (+102.29%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-83.59%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+129.96%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+1894.47%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+92.56%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-74.24%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+248.09%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-72.14%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+267.94%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+341.22%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-67.56%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+455.53%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+85.88%)
sslscannerSSL Scanner written in Crystal
Stars: ✭ 18 (-96.56%)
vulnscanA static binary vulnerability scanner
Stars: ✭ 47 (-91.03%)
lachesis👨💻 A work-in-progress web services mass scanner written in Rust
Stars: ✭ 55 (-89.5%)
aemscanAdobe Experience Manager Vulnerability Scanner
Stars: ✭ 161 (-69.27%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-79.96%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (-72.9%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (-72.9%)
BillcipherInformation Gathering tool for a Website or IP address
Stars: ✭ 332 (-36.64%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+696.37%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-37.79%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-48.66%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-33.97%)
ApiVulners Python API wrapper
Stars: ✭ 313 (-40.27%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+71.18%)
PhoniaPhonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (-57.82%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+568.51%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-27.1%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-21.18%)