ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+359.43%)
AtscanAdvanced dork Search & Mass Exploit Scanner
Stars: ✭ 817 (+285.38%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+1287.74%)
Pythempentest framework
Stars: ✭ 1,060 (+400%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+318.4%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+175%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+299.53%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1250%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+317.92%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1273.11%)
Pentesterspecialdict渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker
Stars: ✭ 391 (+84.43%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+90.09%)
GraphqlmapGraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
Stars: ✭ 434 (+104.72%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+140.09%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+15423.11%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (+176.42%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+226.89%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+255.66%)
WhourTool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-91.51%)
Pentest EnvPentest environment deployer (kali linux + targets) using vagrant and chef.
Stars: ✭ 610 (+187.74%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+273.11%)
Sqlivmassive SQL injection vulnerability scanner
Stars: ✭ 840 (+296.23%)
FilterbypassBrowser's XSS Filter Bypass Cheat Sheet
Stars: ✭ 884 (+316.98%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-77.36%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+1868.4%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (+69.81%)
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Stars: ✭ 506 (+138.68%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+132.08%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+406.13%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+484.43%)
Pentest LabPentest Lab on OpenStack with Heat, Chef provisioning and Docker
Stars: ✭ 353 (+66.51%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+3317.92%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+204.25%)
Packer FuzzerPacker Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Stars: ✭ 753 (+255.19%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+192.92%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+323.11%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+543.4%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+63.21%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-55.66%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+554.25%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-39.15%)
Slideswon't maintain
Stars: ✭ 79 (-62.74%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+359.91%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+533.96%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-41.04%)
ProxenetThe ONLY hacker friendly proxy for webapp pentests.
Stars: ✭ 193 (-8.96%)
Ntlmscanscan for NTLM directories
Stars: ✭ 141 (-33.49%)
Klik SocialmediawebsiteComplete PHP-based Login/Registration system, Profile system, Chat room, Forum system and Blog/Polls/Event Management System.
Stars: ✭ 129 (-39.15%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-38.68%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-31.13%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (+793.87%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+46.23%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+990.57%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-38.68%)