LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+7220%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+58120%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+24780%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+13420%)
EsdEnumeration sub domains(枚举子域名)
Stars: ✭ 785 (+15600%)
LimitrrLight NodeJS rate limiting and response delaying using Redis - including Express middleware.
Stars: ✭ 203 (+3960%)
CanaryCanary: Input Detection and Response
Stars: ✭ 29 (+480%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+7300%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+77360%)
R0akr0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
Stars: ✭ 698 (+13860%)
Grauditgrep rough audit - source code auditing tool
Stars: ✭ 747 (+14840%)
Awesome Object DetectionAwesome Object Detection based on handong1587 github: https://handong1587.github.io/deep_learning/2015/10/09/object-detection.html
Stars: ✭ 6,628 (+132460%)
BluespawnAn Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+14640%)
WhalerProgram to reverse Docker images into Dockerfiles
Stars: ✭ 670 (+13300%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+125520%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+137540%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+12800%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+15400%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+14400%)
HabuHacking Toolkit
Stars: ✭ 635 (+12600%)
HardeningHardening Ubuntu. Systemd edition.
Stars: ✭ 705 (+14000%)
ScapyScapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Stars: ✭ 6,932 (+138540%)
Attack rangeA tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
Stars: ✭ 693 (+13760%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+14200%)
Security ListPenetrum LLC opensource security tool list.
Stars: ✭ 619 (+12280%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+144820%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+14680%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+15940%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (+13360%)
Red BaronAutomate creating resilient, disposable, secure and agile infrastructure for Red Teams.
Stars: ✭ 662 (+13140%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+15400%)
ImageaiA python library built to empower developers to build applications and systems with self-contained Computer Vision capabilities
Stars: ✭ 6,734 (+134580%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (+12640%)
Cs SuiteCloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (+16200%)
All About The GanAll About the GANs(Generative Adversarial Networks) - Summarized lists for GAN
Stars: ✭ 630 (+12500%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+14460%)
Osquery ConfigurationA repository for using osquery for incident detection and response
Stars: ✭ 618 (+12260%)
Yolo tensorflowTensorflow implementation of YOLO, including training and test phase.
Stars: ✭ 772 (+15340%)
Fail2banDaemon to ban hosts that cause multiple authentication errors
Stars: ✭ 6,677 (+133440%)
Embaemba - An analyzer for Linux-based firmware of embedded devices.
Stars: ✭ 607 (+12040%)
Alibi DetectAlgorithms for outlier and adversarial instance detection, concept drift and metrics.
Stars: ✭ 604 (+11980%)
Articles Translator📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (+12020%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+15820%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+15180%)
Android YoloReal-time object detection on Android using the YOLO network with TensorFlow
Stars: ✭ 604 (+11980%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+11940%)
Pytorchinsighta pytorch lib with state-of-the-art architectures, pretrained models and real-time updated results
Stars: ✭ 713 (+14160%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+11920%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (+11820%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+15240%)
Tensorflow Face DetectionA mobilenet SSD based face detector, powered by tensorflow object detection api, trained by WIDERFACE dataset.
Stars: ✭ 711 (+14120%)