GirshAutomatically spawn a reverse shell fully interactive for Linux or Windows victim
Stars: ✭ 66 (-59.51%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+176.07%)
GitmonitorOne way to continuously monitor sensitive information that could be exposed on Github
Stars: ✭ 115 (-29.45%)
PowerzurePowerShell framework to assess Azure security
Stars: ✭ 450 (+176.07%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+614.11%)
Php EnumSimple and fast implementation of enumerations with native PHP
Stars: ✭ 446 (+173.62%)
WavecrackWavestone's web interface for password cracking with hashcat
Stars: ✭ 135 (-17.18%)
Swift KeyloggerKeylogger for mac written in Swift using HID
Stars: ✭ 995 (+510.43%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+3388.96%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-30.06%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (+167.48%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-58.28%)
BassBass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"
Stars: ✭ 104 (-36.2%)
Offport killerThis tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.
Stars: ✭ 40 (-75.46%)
SteganographerSteganograpy in Python | Hide files or data in Image Files
Stars: ✭ 104 (-36.2%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-76.69%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+164.42%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-30.06%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-59.51%)
MalcomMalcom - Malware Communications Analyzer
Stars: ✭ 988 (+506.13%)
BrutesploitBruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
Stars: ✭ 424 (+160.12%)
Rhme 2017Riscure Hack Me embedded hardware CTF 2017-2018.
Stars: ✭ 65 (-60.12%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+159.51%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+1100%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-77.91%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-36.81%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-78.53%)
100 Days Of Swiftui👨💻👩💻100 Days Of SwiftUI free course from Hacking with Swift. 👨💻👩💻
Stars: ✭ 35 (-78.53%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+1075.46%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+498.16%)
NaabuA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Stars: ✭ 1,121 (+587.73%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+153.37%)
Masscan to nmap基于masscan和nmap的快速端口扫描和指纹识别工具,优化版本(获取标题,页面长度,过滤防火墙)
Stars: ✭ 112 (-31.29%)
Chimay RedMikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
Stars: ✭ 63 (-61.35%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+147.24%)
Hscan集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;使用oneforall自动遍历子域名并扫描;
Stars: ✭ 63 (-61.35%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+730.67%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1505.52%)
Ss7maperSS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/
Stars: ✭ 394 (+141.72%)
S3reverseThe format of various s3 buckets is convert in one format. for bugbounty and security testing.
Stars: ✭ 61 (-62.58%)
Pentesterspecialdict渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker
Stars: ✭ 391 (+139.88%)
Grab.jsfast TCP banner grabbing with node.js
Stars: ✭ 33 (-79.75%)
Awesome Internet ScanningA curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.
Stars: ✭ 130 (-20.25%)
TimelapseA time lapse app for Sony Alpha camera using the OpenMemories framework
Stars: ✭ 101 (-38.04%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+491.41%)
Hackerone LessonsTranscribed video lessons of HackerOne to pdf's
Stars: ✭ 101 (-38.04%)
Spytrojan keylogger[Solo para programadores] Troyano espía | Keylogger solo para Windows, se replica en el sistema y se inicia automaticamente al iniciar sesión. | Envío de registro mediante [Base de Datos], [Gmail] o [BotTelegram].
Stars: ✭ 32 (-80.37%)
Ge.mine.nuCode from my old page ge.mine.nu
Stars: ✭ 31 (-80.98%)
FiercephishFiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
Stars: ✭ 960 (+488.96%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+736.81%)