ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+760.38%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-58.96%)
Webrtcxss利用XSS入侵内网(Use XSS automation Invade intranet)
Stars: ✭ 190 (-10.38%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (+503.3%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+809.43%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+498.11%)
KleeflSeeding fuzzers with symbolic execution
Stars: ✭ 172 (-18.87%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-37.26%)
Ctf Pwn TipsHere record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
Stars: ✭ 1,249 (+489.15%)
KaflA fuzzer for full VM kernel/driver targets
Stars: ✭ 204 (-3.77%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-36.79%)
Butterfly🔥 蝴蝶--【简单】【稳定】【好用】的 Python web 框架🦋 除 Python 2.7,无其他依赖; 🦋 butterfly 是一个 RPC 风格 web 框架,同时也是微服务框架,自带消息队列通信机制实现分布式
Stars: ✭ 82 (-61.32%)
Reverse Shell Manager🔨 A multiple reverse shell session/client manager via terminal
Stars: ✭ 171 (-19.34%)
Burp Retire JsBurp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
Stars: ✭ 157 (-25.94%)
Fuzzing SurveyThe Art, Science, and Engineering of Fuzzing: A Survey
Stars: ✭ 116 (-45.28%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-37.74%)
Web exploit detectorThe Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
Stars: ✭ 81 (-61.79%)
Insanity FrameworkGenerate Payloads and Control Remote Machines. [Discontinued]
Stars: ✭ 189 (-10.85%)
Commudle NgWorld's first community management platform. And it's free!
Stars: ✭ 81 (-61.79%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+479.25%)
Write Ups 2017Wiki-like CTF write-ups repository, maintained by the community. 2017
Stars: ✭ 2,066 (+874.53%)
Sienna LocomotiveA user-friendly fuzzing and crash triage tool for Windows
Stars: ✭ 130 (-38.68%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-46.7%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-62.74%)
WescanDocument Scanning Made Easy for iOS
Stars: ✭ 2,439 (+1050.47%)
StormA blackbox mutational fuzzer for detecting critical bugs in SMT solvers
Stars: ✭ 79 (-62.74%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+803.77%)
Signature BaseSignature base for my scanner tools
Stars: ✭ 1,212 (+471.7%)
TechnowloggerTechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
Stars: ✭ 172 (-18.87%)
NullctfA Discord bot that provides ctf tools for collaboration in Discord servers!
Stars: ✭ 78 (-63.21%)
Lctf2018Source code, writeups and exps in LCTF2018.
Stars: ✭ 130 (-38.68%)
Pwa Qr Code ScannerLightweight progressive web app for scanning QR codes offline
Stars: ✭ 188 (-11.32%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-13.68%)
Cachet📛 An open source status page system for everyone.
Stars: ✭ 12,478 (+5785.85%)
Burp Bounty ProfilesBurp Bounty profiles compilation, feel free to contribute!
Stars: ✭ 76 (-64.15%)
SwiftscannerString Scanner in pure Swift (supports unicode)
Stars: ✭ 170 (-19.81%)
CtfCTF write-ups by PDKT team with English and Indonesian language
Stars: ✭ 68 (-67.92%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-65.57%)
Aws ReconMulti-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.
Stars: ✭ 203 (-4.25%)
GirshAutomatically spawn a reverse shell fully interactive for Linux or Windows victim
Stars: ✭ 66 (-68.87%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-39.62%)
SqlinatorAutomatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Stars: ✭ 70 (-66.98%)
KarkinosA thorough library database to assist with binary exploitation tasks.
Stars: ✭ 170 (-19.81%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+447.17%)
Nwatch🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting
Stars: ✭ 127 (-40.09%)
BrookfreepascalThe perfect Free Pascal framework for your web applications.
Stars: ✭ 64 (-69.81%)
Python Xss FilterBased on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
Stars: ✭ 115 (-45.75%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+5676.42%)
AppjaillauncherCTF Challenge Framework for Windows 8 and above
Stars: ✭ 115 (-45.75%)
ScannerlThe modular distributed fingerprinting engine
Stars: ✭ 208 (-1.89%)
PicoctfThe platform used to run picoCTF. A great framework to host any CTF.
Stars: ✭ 203 (-4.25%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (-14.15%)
CtfCTF write-ups and some wargame sites write-ups.
Stars: ✭ 157 (-25.94%)