PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+19724.7%)
HellgateLoader CSharpLoad shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (-56.02%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-36.75%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1624.1%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+692.77%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+735.54%)
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-52.41%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+2413.86%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+336.75%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (+422.89%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-1.81%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+486.75%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+433.73%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+507.83%)
Pythempentest framework
Stars: ✭ 1,060 (+538.55%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+584.34%)
ExploitsMiscellaneous exploit code
Stars: ✭ 1,157 (+596.99%)
GirshAutomatically spawn a reverse shell fully interactive for Linux or Windows victim
Stars: ✭ 66 (-60.24%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-7.23%)
Macro packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (+545.78%)
UltimateapplockerbypasslistThe goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+614.46%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-50.6%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+406.63%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+440.36%)
FilterbypassBrowser's XSS Filter Bypass Cheat Sheet
Stars: ✭ 884 (+432.53%)
Jsql InjectionjSQL Injection is a Java application for automatic SQL database injection.
Stars: ✭ 891 (+436.75%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-76.51%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+5310.24%)
Pi Pwnbox RogueapHomemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Stars: ✭ 798 (+380.72%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+581.93%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-62.65%)
Chaos🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.
Stars: ✭ 1,168 (+603.61%)
EvilgradeEvilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
Stars: ✭ 1,086 (+554.22%)
Burp Bounty ProfilesBurp Bounty profiles compilation, feel free to contribute!
Stars: ✭ 76 (-54.22%)
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+615.66%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+4569.88%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-41.57%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-40.36%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-39.16%)
Cve 2019 0604cve-2019-0604 SharePoint RCE exploit
Stars: ✭ 91 (-45.18%)
BettercapThe Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
Stars: ✭ 10,735 (+6366.87%)
Redteam vul红队作战中比较常遇到的一些重点系统漏洞整理。
Stars: ✭ 1,271 (+665.66%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-36.75%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (+670.48%)
Privilege EscalationThis cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Stars: ✭ 2,117 (+1175.3%)
Xg2xgby ex-googlers, for ex-googlers - a lookup table of similar tech & services
Stars: ✭ 10,218 (+6055.42%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-30.12%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-27.11%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-24.7%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1006.63%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1074.1%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-24.1%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1256.02%)