GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-8.49%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-0.94%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+6392.45%)
IsthislegitDashboard to collect, analyze, and respond to reported phishing emails.
Stars: ✭ 251 (+136.79%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-6.6%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+775.47%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-2.83%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (+43.4%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+3176.42%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+431.13%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+263.21%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-41.51%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+2501.89%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+631.13%)
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+2144.34%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+71.7%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+299.06%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+912.26%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+2517.92%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (+100.94%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+3144.34%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+380.19%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (+175.47%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-66.98%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-66.04%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (+58.49%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+971.7%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-40.57%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-32.08%)
Cvebase.comcvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
Stars: ✭ 88 (-16.98%)
SquealerTelling tales on you for leaking secrets!
Stars: ✭ 97 (-8.49%)
Apac ConferencesA community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
Stars: ✭ 90 (-15.09%)
FugaciousOSSSM (awesome). Open source short-term secure messaging
Stars: ✭ 100 (-5.66%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-8.49%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-16.04%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-16.04%)
Keylogger🔐 Open Source Python Keylogger Collection
Stars: ✭ 97 (-8.49%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-17.92%)
KarnSimplifying Seccomp enforcement in containerized or non-containerized apps
Stars: ✭ 104 (-1.89%)
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Stars: ✭ 100 (-5.66%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+1096.23%)
Sinkholes🐛 Malware Sinkhole List in various formats
Stars: ✭ 84 (-20.75%)
AttacksurfaceanalyzerAttack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
Stars: ✭ 1,341 (+1165.09%)
MaliceVirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (+1082.08%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-21.7%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+9207.55%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+1073.58%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-22.64%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-23.58%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-1.89%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+1180.19%)
Python RansomwarePython Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles
Stars: ✭ 96 (-9.43%)
Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (+1059.43%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+1050%)