WhatwebNext generation web scanner
Stars: ✭ 3,503 (+1506.88%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (+47.71%)
PopotoVisual query builder for Neo4j graph database
Stars: ✭ 318 (+45.87%)
TrailscraperA command-line tool to get valuable information out of AWS CloudTrail
Stars: ✭ 352 (+61.47%)
Iam Policy Json To TerraformSmall tool to convert an IAM Policy in JSON format into a Terraform aws_iam_policy_document
Stars: ✭ 282 (+29.36%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+85.78%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+75.23%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+95.87%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+74.77%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+128.9%)
PmapperA tool for quickly evaluating IAM permissions in AWS.
Stars: ✭ 494 (+126.61%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+129.36%)
CloudfruntA tool for identifying misconfigured CloudFront domains
Stars: ✭ 281 (+28.9%)
SkyarkSkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Stars: ✭ 526 (+141.28%)
Chat基于自然语言理解与机器学习的聊天机器人,支持多用户并发及自定义多轮对话
Stars: ✭ 516 (+136.7%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (+173.39%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+137.16%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+3056.88%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+233.94%)
Aws VaultA vault for securely storing and accessing AWS credentials in development environments
Stars: ✭ 5,626 (+2480.73%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+267.89%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+255.5%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+250.46%)
Neo4j HelmHelm Charts for running Neo4j on Kubernetes
Stars: ✭ 43 (-80.28%)
UserplexPropagate users from Mozilla's Person API to third party systems.
Stars: ✭ 41 (-81.19%)
AegeaAmazon Web Services Operator Interface
Stars: ✭ 51 (-76.61%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (+16.97%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-62.39%)
Module Security PublicThe public documentation for the gruntwork-io/module-security repo, which contains packages for setting up best practices for managing secrets, credentials, and servers
Stars: ✭ 67 (-69.27%)
Policy sentryIAM Least Privilege Policy Generator
Stars: ✭ 1,284 (+488.99%)
Movies Java BoltNeo4j Movies Example application with SparkJava backend using the neo4j-java-driver
Stars: ✭ 66 (-69.72%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-14.22%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-58.72%)
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Stars: ✭ 100 (-54.13%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+421.1%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (-50.46%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-51.83%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-46.79%)
GrestBuild REST APIs with Neo4j and Flask, as quickly as possible!
Stars: ✭ 102 (-53.21%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: ✭ 191 (-12.39%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-46.79%)
AwsprocesscredsProcess credential providers for AWS SDKs and Tools
Stars: ✭ 123 (-43.58%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-71.56%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+915.14%)
Reddit DetectivePlay detective on Reddit: Discover political disinformation campaigns, secret influencers and more
Stars: ✭ 129 (-40.83%)
Kube Aws Iam ControllerDistribute different AWS IAM credentials to different pods in Kubernetes via secrets.
Stars: ✭ 137 (-37.16%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-40.37%)
Neo4j Php OgmNeo4j Object Graph Mapper for PHP
Stars: ✭ 151 (-30.73%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-30.73%)
Diagram MakerA library to display an interactive editor for any graph-like data.
Stars: ✭ 2,086 (+856.88%)
Aws Iam AuthenticatorA tool to use AWS IAM credentials to authenticate to a Kubernetes cluster
Stars: ✭ 1,713 (+685.78%)
StrongboxA secret manager for AWS
Stars: ✭ 243 (+11.47%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+394.95%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+742.66%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-22.94%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1165.14%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (+0%)