Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-96.48%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-98.86%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-96.24%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-99.34%)
PwndocPentest Report Generator
Stars: ✭ 417 (-88.97%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-94.34%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-96.3%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-91.48%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-99.13%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-99.44%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-91.53%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-95.18%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (-27.02%)
Pentest LabPentest Lab on OpenStack with Heat, Chef provisioning and Docker
Stars: ✭ 353 (-90.66%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (-26.57%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-98.39%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-99.23%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (-97.06%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (-66.47%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-92.41%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (-1.69%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-97.17%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-99.29%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-99.26%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (-7.3%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-95.55%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (-93.62%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (-44.99%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-95.92%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-99.36%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-98.68%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (-92.99%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-98.6%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (-96.3%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (-15.37%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-98.41%)
huntkitDocker - Ubuntu with a bunch of PenTesting tools and wordlists
Stars: ✭ 51 (-98.65%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-96.51%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (-96.37%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-98.99%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-99.39%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-98.78%)
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (-97.7%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (-93.6%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (-94.5%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-98.39%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (-49.3%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-96.67%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-98.02%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-99.07%)