Pantagrulelarge hashcat rulesets generated from real-world compromised passwords
Stars: ✭ 146 (+356.25%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+1637.5%)
cracke-ditcracke-dit ("Cracked It") makes it easier to perform regular password audits against Active Directory environments.
Stars: ✭ 102 (+218.75%)
BopscrkTool to generate smart and powerful wordlists
Stars: ✭ 273 (+753.13%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+102740.63%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+687.5%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+1778.13%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (+412.5%)
Powershell Red TeamCollection of PowerShell functions a Red Teamer may use to collect data from a machine
Stars: ✭ 155 (+384.38%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+1093.75%)
DuplicutRemove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
Stars: ✭ 352 (+1000%)
Wpa2 WordlistsA collection of wordlists dictionaries for password cracking
Stars: ✭ 597 (+1765.63%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+1246.88%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (+412.5%)
KaonashiWordlist, rules and masks from Kaonashi project (RootedCON 2019)
Stars: ✭ 353 (+1003.13%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (+143.75%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+22543.75%)
roboxtractorExtract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (+25%)
MacOS-WPA-PSKPoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.
Stars: ✭ 29 (-9.37%)
Pwdlyser-CLIPython-based CLI Password Analyser (Reporting Tool)
Stars: ✭ 29 (-9.37%)
zBusterBash script for CTF automating basic enumeration
Stars: ✭ 20 (-37.5%)
ConstoleScan for and exploit Consul agents
Stars: ✭ 37 (+15.63%)
fofa viewer一个简单实用的FOFA客户端 By flashine
Stars: ✭ 815 (+2446.88%)
password-listPassword lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+443.75%)
Spray365Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
Stars: ✭ 233 (+628.13%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+11509.38%)
SemigroupsThe GAP package Semigroups
Stars: ✭ 21 (-34.37%)
crackena fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust
Stars: ✭ 192 (+500%)
ShellyAutomatic Reverse Shell Generator
Stars: ✭ 38 (+18.75%)
PwnedSimple CLI script to check if you have a password that has been compromised in a data breach.
Stars: ✭ 47 (+46.88%)
Brutal-wordlist-GeneratorBrutal Wordlist Generator is a java based Application software used to generate the wordlist with best of UX interface
Stars: ✭ 24 (-25%)
HellgateLoader CSharpLoad shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (+128.13%)
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Stars: ✭ 86 (+168.75%)
nTimetoolsTimestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
Stars: ✭ 25 (-21.87%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-15.62%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (+1112.5%)
ComPPCompany Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.
Stars: ✭ 44 (+37.5%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-46.87%)
inkA Logger backend that logs JSON
Stars: ✭ 64 (+100%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (+325%)
RedBook基于Threathunting-book基础上完善的狩猎视角红队handbook
Stars: ✭ 56 (+75%)
tridentautomated password spraying tool
Stars: ✭ 133 (+315.63%)
ClippyTerribad PrivEsc enumeration script for Windows systems
Stars: ✭ 15 (-53.12%)
transportc2PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
Stars: ✭ 22 (-31.25%)
bad-passwordsA list of the top 10,000 most-used passwords from hacked password lists.
Stars: ✭ 33 (+3.13%)
LuciferA Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Stars: ✭ 302 (+843.75%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (+18.75%)
mongoose-piiA Mongoose plugin that lets you transparently cipher stored PII and use securely-hashed passwords
Stars: ✭ 43 (+34.38%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-25%)
HostEnumeratorA tool that automates the process of enumeration
Stars: ✭ 29 (-9.37%)
adduser-dllSimple DLL that add a user to the local Administrators group
Stars: ✭ 48 (+50%)
ronin-supportA support library for Ronin. Like activesupport, but for hacking!
Stars: ✭ 23 (-28.12%)
JiraffeOne stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (+390.63%)
passthiefA Python script to steal all the passwords via the use of plugins 😈
Stars: ✭ 27 (-15.62%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (+712.5%)