awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-94.38%)
Gmail Helperit will contain different utilities for GMail API over OAuth2
Stars: ✭ 408 (-32.56%)
Gmail ClassicCSS for reverting Gmail to the Classic Theme
Stars: ✭ 221 (-63.47%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-71.9%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-95.37%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-72.89%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+225.45%)
PyrdpRDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Stars: ✭ 567 (-6.28%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-76.2%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+2.81%)
Pentestsome pentest scripts & tools by [email protected]
Stars: ✭ 136 (-77.52%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+479.01%)
WavecrackWavestone's web interface for password cracking with hashcat
Stars: ✭ 135 (-77.69%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-88.93%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-78.02%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (-33.72%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+272.07%)
ConstoleScan for and exploit Consul agents
Stars: ✭ 37 (-93.88%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-78.51%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (-53.39%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-78.51%)
GurpBurp Commander written in Go
Stars: ✭ 56 (-90.74%)
Darkness Dark Themes for Popular Websites
Stars: ✭ 467 (-22.81%)
Nraynray distributed port scanner
Stars: ✭ 125 (-79.34%)
hack-scriptsscripts to setup pentesting system and use during pentest
Stars: ✭ 16 (-97.36%)
PurplecloudAn Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
Stars: ✭ 122 (-79.83%)
GocaGoca Scanner
Stars: ✭ 281 (-53.55%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+222.15%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-93.88%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-80.83%)
ParadoxiaratParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (-34.71%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-82.15%)
Forwardemail.netThe best free email forwarding for custom domains (Web Server)
Stars: ✭ 211 (-65.12%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-54.88%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-82.64%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-93.72%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-83.31%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-10.08%)
KratosknifeKratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc
Stars: ✭ 97 (-83.97%)
Pentest-Service-EnumerationSuggests programs to run against services found during the enumeration phase of a Pentest
Stars: ✭ 80 (-86.78%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-83.97%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (-55.21%)
FeroxbusterA fast, simple, recursive content discovery tool written in Rust.
Stars: ✭ 1,314 (+117.19%)
PythonKeyloggerA remote keylogger with some cool features
Stars: ✭ 38 (-93.72%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+117.52%)
Ss7maperSS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/
Stars: ✭ 394 (-34.88%)
gmailjs-node-boilerplateA minimal extension which demonstrates how to create a extension with Gmail.JS and NodeJS-based bundling.
Stars: ✭ 47 (-92.23%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-3.64%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (-8.93%)
RadiumPython logger with multiple features.
Stars: ✭ 492 (-18.68%)
Wahh extrasThe Web Application Hacker's Handbook - Extra Content
Stars: ✭ 428 (-29.26%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-45.29%)
gmail-cljA Clojure library that abstracts the GMail API (not the IMAP) interface.
Stars: ✭ 33 (-94.55%)
WmailThe missing desktop client for Gmail & Google Inbox
Stars: ✭ 2,093 (+245.95%)