WincmdfuWindows one line commands that make life easier, shortcuts and command line fu.
Stars: ✭ 145 (-35.56%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+1122.22%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-36%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-37.78%)
Doxboxweb-based OSINT and reconaissance toolkit
Stars: ✭ 202 (-10.22%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-39.56%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-40.44%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-3.11%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-40.44%)
Laravel AuditingRecord the change log from models in Laravel
Stars: ✭ 2,210 (+882.22%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-40.89%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-11.56%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-41.33%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1562.67%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+700.89%)
SharpattackA simple wrapper for C# tools
Stars: ✭ 211 (-6.22%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-41.78%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (-23.11%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+900.44%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-18.22%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-43.11%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+927.56%)
ShellabLinux and Windows shellcode enrichment utility
Stars: ✭ 225 (+0%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-24.89%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-44%)
CintruderCaptcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.
Stars: ✭ 192 (-14.67%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-44.44%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-25.78%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-45.33%)
LnkupGenerates malicious LNK file payloads for data exfiltration
Stars: ✭ 205 (-8.89%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+663.56%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-46.22%)
Stegseek⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️
Stars: ✭ 187 (-16.89%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+648.44%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-27.11%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-48.44%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-4%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-48.44%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-28%)
CagCrypto Audit Guidelines
Stars: ✭ 115 (-48.89%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-16.44%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-49.33%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-30.22%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-49.33%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-9.33%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-32.44%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-30.67%)
RogueAn extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Stars: ✭ 225 (+0%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-3.11%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-4.89%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-9.33%)