DirsearchWeb path scanner
Stars: ✭ 7,246 (+1037.52%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+94.51%)
AggressorLadon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
Stars: ✭ 228 (-64.21%)
psolving-paradigmsCommon problems of dynamic programming methods and techniques, including prerequisites, for competitive programmers.
Stars: ✭ 34 (-94.66%)
password-listPassword lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (-72.68%)
Pythempentest framework
Stars: ✭ 1,060 (+66.41%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+356.99%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (-8.01%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (-75.2%)
Shodan-RPiA simple SSH bruteforce script targeting (not necessarily) Raspbian devices.
Stars: ✭ 13 (-97.96%)
InstahackInstagram bruteforce tool
Stars: ✭ 265 (-58.4%)
Sqlivmassive SQL injection vulnerability scanner
Stars: ✭ 840 (+31.87%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+39.25%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+202.67%)
GohacktoolsHacker tools on Go (Golang)
Stars: ✭ 1,303 (+104.55%)
PUPI🛅 Passwords using personal information
Stars: ✭ 65 (-89.8%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (-24.96%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+32.97%)
Bitcoin-wallet-crackerAutomated Bitcoin wallet generator that with mnemonic and passphrases bruteforces wallet addresses
Stars: ✭ 140 (-78.02%)
cf-checkCloudFlare Checker written in Go
Stars: ✭ 147 (-76.92%)
Flag-CaptureSolutions and write-ups from security-based competitions also known as Capture The Flag competition
Stars: ✭ 84 (-86.81%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+555.1%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (-42.54%)
H4rpyAutomated WPA/WPA2 PSK attack tool.
Stars: ✭ 185 (-70.96%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-93.72%)
SnmpwnAn SNMPv3 User Enumerator and Attack tool
Stars: ✭ 183 (-71.27%)
Yotteryotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
Stars: ✭ 118 (-81.48%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+1448.82%)
Pentest Tools FrameworkPentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Stars: ✭ 211 (-66.88%)
PlutusAn automated bitcoin wallet collider that brute forces random wallet addresses
Stars: ✭ 404 (-36.58%)
Hoomanhttp interceptor to hoomanize cloudflare requests
Stars: ✭ 82 (-87.13%)
urlbusterPowerful mutable web directory fuzzer to bruteforce existing and/or hidden files or directories.
Stars: ✭ 144 (-77.39%)
Brute-Force-LoginProof -Of-Concept Brute Force Login on a web-site with a good dictionary of words
Stars: ✭ 231 (-63.74%)
BrutegramInstagram multi-bruteforce Platfrom
Stars: ✭ 183 (-71.27%)
T14m4tAutomated brute-forcing attack tool.
Stars: ✭ 160 (-74.88%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-94.98%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (-2.35%)
uberscanSecurity program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
Stars: ✭ 31 (-95.13%)
d00rSimple directory brute-force tool written with python.
Stars: ✭ 35 (-94.51%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-97.8%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-94.03%)
XbruteforcerX Brute Forcer Tool 🔓 WordPress , Joomla , DruPal , OpenCart , Magento
Stars: ✭ 261 (-59.03%)
yandi-scannerNetwork Security Vulnerability Scanner
Stars: ✭ 110 (-82.73%)
W3afw3af: web application attack and audit framework, the open source web vulnerability scanner.
Stars: ✭ 3,804 (+497.17%)
Socialbox TermuxSocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By init__0 for termux on android
Stars: ✭ 324 (-49.14%)
Jwt CrackerSimple HS256 JWT token brute force cracker
Stars: ✭ 365 (-42.7%)
LegionAutomatic Enumeration Tool based in Open Source tools
Stars: ✭ 280 (-56.04%)
Faitagram(Doesn't work anymore)
Stars: ✭ 117 (-81.63%)
PydictorA powerful and useful hacker dictionary builder for a brute-force attack
Stars: ✭ 2,055 (+222.61%)
instabruteInstagram Brute Forcer
Stars: ✭ 135 (-78.81%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+361.85%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-38.93%)
KonanKonan - Advanced Web Application Dir Scanner
Stars: ✭ 412 (-35.32%)