ShellpopPop shells like a master.
Stars: ✭ 1,279 (+237.47%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-27.97%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+226.91%)
bank mitigationsAnti keylogger, anti screen logger... Strategy to protect with hookings or improve your sandbox with spyware detection... - Demo
Stars: ✭ 17 (-95.51%)
Burp Bounty ProfilesBurp Bounty profiles compilation, feel free to contribute!
Stars: ✭ 76 (-79.95%)
GetPwdIt's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)
Stars: ✭ 46 (-87.86%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+210.29%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (-68.34%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+206.07%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+198.68%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-85.22%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-96.57%)
SkaSimple Karma Attack
Stars: ✭ 55 (-85.49%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-91.29%)
Macro packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (+182.85%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (-28.5%)
VNCPwnVNC pentest tool with bruteforce and ducky script execution features
Stars: ✭ 21 (-94.46%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-94.2%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+166.23%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-92.35%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-89.71%)
Socks5SOCKS Protocol Version 5 Library in Go. Full TCP/UDP and IPv4/IPv6 support
Stars: ✭ 321 (-15.3%)
Prox5🧮 SOCKS5/4/4a 🌾 validating proxy pool and upstream SOCKS5 server for 🤽 LOLXDsoRANDum connections 🎋
Stars: ✭ 39 (-89.71%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+565.44%)
organonThis program focuses on automating the download, installation and compilation of pentest tools from source
Stars: ✭ 36 (-90.5%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (-30.08%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+136.68%)
cheatsheetThese are some of the commands which I use frequently during Malware Analysis and DFIR.
Stars: ✭ 23 (-93.93%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-88.92%)
Poet[unmaintained] Post-exploitation tool
Stars: ✭ 184 (-51.45%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-91.03%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+104.49%)
Proxy ListGet PROXY List that gets updated everyday
Stars: ✭ 347 (-8.44%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+98.94%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-62.53%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+91.29%)
Crack-O-MaticFind and notify users in your Active Directory with weak passwords
Stars: ✭ 89 (-76.52%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+84.43%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-84.17%)
EvilurlGenerate unicode evil domains for IDN Homograph Attack and detect them.
Stars: ✭ 654 (+72.56%)
Integrated Examples以Xray或v2ray为主、caddy或nginx为辅,结合trojan或trojan-go及naiveproxy等打造科学上网的优化配置及最优组合示例,分享给大家食用及备份。
Stars: ✭ 249 (-34.3%)
UmbrellaA Phishing Dropper designed to Pentest.
Stars: ✭ 180 (-52.51%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+998.15%)
SocksA SOCKS (SOCKS4, SOCKS4A and SOCKS5) Proxy Package for Go
Stars: ✭ 355 (-6.33%)
PyckA collection of useful Python hacking scripts for beginners
Stars: ✭ 334 (-11.87%)
PywerviewA (partial) Python rewriting of PowerSploit's PowerView
Stars: ✭ 292 (-22.96%)
HTB-writeupPassword-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/
Stars: ✭ 21 (-94.46%)
PshellICMP/IP tunnel manager for Linux.
Stars: ✭ 24 (-93.67%)
EnigmaMultiplatform payload dropper
Stars: ✭ 180 (-52.51%)