BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-61.33%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+69.33%)
RaasnetOpen-Source Ransomware As A Service for Linux, MacOS and Windows
Stars: ✭ 371 (+64.89%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-40.44%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+2219.11%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-62.22%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+63.56%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-3.11%)
RidrelayEnumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Stars: ✭ 359 (+59.56%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+455.11%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+57.78%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-40.44%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+53.78%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+450.67%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (+53.33%)
Laravel AuditingRecord the change log from models in Laravel
Stars: ✭ 2,210 (+882.22%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+52%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-64%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (+48.89%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-40.89%)
CitadelCollection of pentesting scripts
Stars: ✭ 333 (+48%)
DeathstarUses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Stars: ✭ 1,221 (+442.67%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+45.78%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-11.56%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (+43.11%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-65.33%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+43.11%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-41.33%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+40.89%)
RsfThe Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-66.22%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+19.56%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1562.67%)
WebanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (+38.22%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+423.11%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+700.89%)
FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+1683.56%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-68.44%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (+33.78%)
SharpattackA simple wrapper for C# tools
Stars: ✭ 211 (-6.22%)
WirespyFramework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Stars: ✭ 293 (+30.22%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+1464.89%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-41.78%)
PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (+28%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-69.78%)
Rshijacktcp connection hijacker, rust rewrite of shijack
Stars: ✭ 288 (+28%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (-23.11%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+3960.89%)
RogueAn extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Stars: ✭ 225 (+0%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-3.11%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-4.89%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-9.33%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1125.78%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-33.33%)
AnsvifA Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-52.44%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+167.11%)