OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+84.89%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-52%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-14.22%)
JwtcatA CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Stars: ✭ 181 (-19.56%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-10.22%)
DirstalkModern alternative to dirbuster/dirb
Stars: ✭ 210 (-6.67%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-26.22%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-15.56%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (-27.56%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-19.11%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1621.33%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-21.33%)
Tracker Enabled DbcontextTracker-enabled DbContext offers you to implement full auditing in your database
Stars: ✭ 210 (-6.67%)
Xerrorfully automated pentesting tool
Stars: ✭ 173 (-23.11%)
BetterbackdoorA backdoor with a multitude of features.
Stars: ✭ 195 (-13.33%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-23.56%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (-2.67%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (-15.11%)
PspyMonitor linux processes without root permissions
Stars: ✭ 2,470 (+997.78%)
DecryptteamviewerEnumerate and decrypt TeamViewer credentials from Windows registry
Stars: ✭ 205 (-8.89%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-28%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-16.89%)
Firecrack🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Stars: ✭ 157 (-30.22%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (-18.67%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+1122.22%)
Doxboxweb-based OSINT and reconaissance toolkit
Stars: ✭ 202 (-10.22%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-3.11%)
Laravel AuditingRecord the change log from models in Laravel
Stars: ✭ 2,210 (+882.22%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-11.56%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1562.67%)
SharpattackA simple wrapper for C# tools
Stars: ✭ 211 (-6.22%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (-23.11%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-18.22%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+927.56%)
ShellabLinux and Windows shellcode enrichment utility
Stars: ✭ 225 (+0%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-24.89%)
CintruderCaptcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.
Stars: ✭ 192 (-14.67%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-25.78%)
LnkupGenerates malicious LNK file payloads for data exfiltration
Stars: ✭ 205 (-8.89%)
Stegseek⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️
Stars: ✭ 187 (-16.89%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-27.11%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-4%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-28%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-16.44%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-30.22%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-9.33%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-30.67%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+1020.89%)
RogueAn extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Stars: ✭ 225 (+0%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-3.11%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-4.89%)