MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (+25.97%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+11.04%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+248.38%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (+194.16%)
UmbrellaA Phishing Dropper designed to Pentest.
Stars: ✭ 180 (-41.56%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+10584.74%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-53.25%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+1254.87%)
Pythempentest framework
Stars: ✭ 1,060 (+244.16%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (+101.62%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+267.53%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+718.83%)
EvilurlGenerate unicode evil domains for IDN Homograph Attack and detect them.
Stars: ✭ 654 (+112.34%)
Pentest-Service-EnumerationSuggests programs to run against services found during the enumeration phase of a Pentest
Stars: ✭ 80 (-74.03%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-80.19%)
FreeFire-PhishingFree Fire Phishing Tool ID Hack Tool For Online Hacking
Stars: ✭ 140 (-54.55%)
StreamingphishPython-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network.
Stars: ✭ 271 (-12.01%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-92.53%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+76.62%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+1027.6%)
Mr.sipSIP-Based Audit and Attack Tool
Stars: ✭ 266 (-13.64%)
SharpLinkCreate file system symbolic links from low privileged user accounts within PowerShell
Stars: ✭ 51 (-83.44%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (-81.82%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+914.29%)
CamHackerCamera phishing tool. If anyone opens link generated by CamHacker and permits camera access his/her photo will be captured!
Stars: ✭ 280 (-9.09%)
suiderThis tool will quickly search for exploitable binaries with SUID bit set in Linux and will output the method of exploitation from GTFObins
Stars: ✭ 21 (-93.18%)
InvizzzibleInviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
Stars: ✭ 268 (-12.99%)
offensive-docker-vpsCreate a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Stars: ✭ 66 (-78.57%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+1037.34%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (-12.01%)
LordPhishThe most complete phishing tool
Stars: ✭ 158 (-48.7%)
Phishing.databasePhishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.
Stars: ✭ 296 (-3.9%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-84.42%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (-13.96%)
domfindA Python DNS crawler to find identical domain names under different TLDs.
Stars: ✭ 22 (-92.86%)
MercureMercure is a tool for security managers who want to train their colleague to phishing.
Stars: ✭ 262 (-14.94%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-88.64%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-87.66%)
SpectreA simple phishing tool that can phish almost any website
Stars: ✭ 57 (-81.49%)
Ethereum ListsA repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.
Stars: ✭ 300 (-2.6%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (-2.6%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (-8.44%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (-15.58%)
WireBugWireBug is a toolset for Voice-over-IP penetration testing
Stars: ✭ 142 (-53.9%)
blacklistA dataset of various malicious cryptocurrency-related URLs and Twitter profiles
Stars: ✭ 34 (-88.96%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (-16.23%)
HTB-writeupPassword-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/
Stars: ✭ 21 (-93.18%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-86.04%)
GocaGoca Scanner
Stars: ✭ 281 (-8.77%)
StalkphishStalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (-16.88%)
PowEnumExecutes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.
Stars: ✭ 62 (-79.87%)
goblin一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+174.03%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-16.88%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-83.77%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-92.21%)
EspooferAn email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻
Stars: ✭ 273 (-11.36%)