HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (+23.93%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+526.38%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-71.78%)
RoninRonin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.
Stars: ✭ 220 (+34.97%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+2135.58%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+4655.83%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-71.17%)
Ble Security Attack Defence✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
Stars: ✭ 88 (-46.01%)
PurplecloudAn Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
Stars: ✭ 122 (-25.15%)
Laravel EnumSimple, extensible and powerful enumeration implementation for Laravel.
Stars: ✭ 1,278 (+684.05%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-12.88%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+953.99%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-46.63%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-25.77%)
Hooksolinux动态链接库的注入修改查找工具 A tool for injection, modification and search of linux dynamic link library
Stars: ✭ 87 (-46.63%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-12.88%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-47.24%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-26.38%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+672.39%)
Sinkholes🐛 Malware Sinkhole List in various formats
Stars: ✭ 84 (-48.47%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-26.38%)
Jenkins ShellAutomating Jenkins Hacking using Shodan API
Stars: ✭ 84 (-48.47%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-48.47%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (-26.99%)
MaliceVirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (+668.71%)
Kickthemout💤 Kick devices off your network by performing an ARP Spoof attack.
Stars: ✭ 2,005 (+1130.06%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-6.75%)
UnimapScan only once by IP address and reduce scan times with Nmap for large amounts of data.
Stars: ✭ 141 (-13.5%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+666.26%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+663.19%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+660.12%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-49.69%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-50.31%)
BlackwormBlack Worm Offical Repo
Stars: ✭ 80 (-50.92%)
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-51.53%)
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-51.53%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-52.15%)
EnteletaorMessage Queue & Broker Injection tool
Stars: ✭ 139 (-14.72%)
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (-52.15%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-52.15%)
EternalviewEternalView is an all in one basic information gathering and vulnerability assessment tool
Stars: ✭ 118 (-27.61%)
CerteagleWeaponizing Live CT logs for automated monitoring of assets
Stars: ✭ 78 (-52.15%)
Python HoneypotOWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (-1.84%)
Wifi PassviewAn open source batch script based WiFi Passview for Windows!
Stars: ✭ 157 (-3.68%)
Amitt frameworkRepo replaced by cogsec-collaborative/AMITT
Stars: ✭ 152 (-6.75%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-17.18%)
YsfYSF Server Functions
Stars: ✭ 77 (-52.76%)
Griefing MethodsA documentation about how to hack Minecraft servers
Stars: ✭ 76 (-53.37%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-27.61%)
SpartySparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]
Stars: ✭ 75 (-53.99%)