RubyfuRubyfu, where Ruby goes evil!
Stars: ✭ 228 (-92.25%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-93.78%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-93.44%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (-92.69%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (-2.72%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (-91.47%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-93.61%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (-94.63%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-93.07%)
Pine🌲 Aimbot powered by real-time object detection with neural networks, GPU accelerated with Nvidia. Optimized for use with CS:GO.
Stars: ✭ 202 (-93.13%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (-1.05%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-93.24%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (-5.68%)
PhoniaPhonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (-92.49%)
Icg AutoexploiterbotWordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (-91.77%)
Mag.jsMagJS - Modular Application Glue
Stars: ✭ 157 (-94.66%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-91.33%)
Choo🚂🚋 - sturdy 4kb frontend framework
Stars: ✭ 6,637 (+125.59%)
XsrfprobeThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
Stars: ✭ 532 (-81.92%)
TorbotDark Web OSINT Tool
Stars: ✭ 821 (-72.09%)
DomtasticSmall, fast, and modular DOM and event library for modern browsers.
Stars: ✭ 763 (-74.07%)
Red hawkAll in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
Stars: ✭ 1,898 (-35.49%)
Wallace CliPretty CSS analytics on the CLI
Stars: ✭ 281 (-90.45%)
ChronosChronos - A static race detector for the go language
Stars: ✭ 272 (-90.75%)
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (-89.43%)
Skrape.itA Kotlin-based testing/scraping/parsing library providing the ability to analyze and extract data from HTML (server & client-side rendered). It places particular emphasis on ease of use and a high level of readability by providing an intuitive DSL. It aims to be a testing lib, but can also be used to scrape websites in a convenient fashion.
Stars: ✭ 231 (-92.15%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (-81.31%)
FairrootC++ simulation, reconstruction and analysis framework for particle physics experiments
Stars: ✭ 41 (-98.61%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-94.77%)
InjectifyPerform advanced MiTM attacks on websites with ease 💉
Stars: ✭ 612 (-79.2%)
GoreconGorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal
Stars: ✭ 208 (-92.93%)
SeccubusEasy automated vulnerability scanning, reporting and analysis
Stars: ✭ 615 (-79.1%)
NetcapA framework for secure and scalable network traffic analysis - https://netcap.io
Stars: ✭ 1,519 (-48.37%)
Easy hackHack the World using Termux
Stars: ✭ 549 (-81.34%)
VerminConcurrently detect the minimum Python versions needed to run code
Stars: ✭ 218 (-92.59%)
DrabRemote controlled frontend framework for Phoenix.
Stars: ✭ 833 (-71.69%)
WhatwafDetect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (-36.06%)
napari-hubDiscover, install, and share napari plugins
Stars: ✭ 44 (-98.5%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-90.01%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-98.88%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (-90.31%)
KInspectorKInspector is an application for analyzing health, performance and security of your Kentico solution.
Stars: ✭ 54 (-98.16%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (-94.49%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-95.17%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (-96.43%)
yara-exporterExporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-99.25%)
SWELFSimple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
Stars: ✭ 23 (-99.22%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (-94.63%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (-83.75%)
hackableA python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
Stars: ✭ 61 (-97.93%)
filter-var-sqliBypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
Stars: ✭ 29 (-99.01%)
RFMapRFMap - Radio Frequency Mapper
Stars: ✭ 23 (-99.22%)