PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-96.36%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-93.06%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-79.15%)
Rails Security Checklist🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Stars: ✭ 1,265 (-47.14%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (-79.69%)
EncpipeThe dum^H^H^Hsimplest encryption tool in the world.
Stars: ✭ 135 (-94.36%)
DronesploitDrone pentesting framework console
Stars: ✭ 473 (-80.23%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (-48.02%)
ContainersshContainerSSH: Launch containers on demand
Stars: ✭ 195 (-91.85%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (-80.61%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-96.57%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (-81.49%)
ThreatingestorExtract and aggregate threat intelligence.
Stars: ✭ 439 (-81.65%)
Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (-48.64%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (-81.78%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (-3.68%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-81.82%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-96.7%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-82.16%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-94.4%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (-82.11%)
Radio HackboxPoC tool to demonstrate vulnerabilities in wireless input devices
Stars: ✭ 74 (-96.91%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-82.16%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-92.35%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (-82.32%)
Nrf24 PlaysetSoftware tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
Stars: ✭ 73 (-96.95%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-95.49%)
Deprecated Patrol Rules AwsA set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance.
Stars: ✭ 16 (-99.33%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (-7.52%)
JwtA JWT (JSON Web Token) Encoder & Decoder
Stars: ✭ 107 (-95.53%)
Vivalasvenus@viva_las_venus -- This project is to learn, teach and awareness about privacy and security in the digital life, to build a better, more open and more inclusive world together!
Stars: ✭ 16 (-99.33%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-96.95%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-83.08%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-94.65%)
TorbotDark Web OSINT Tool
Stars: ✭ 821 (-65.69%)
Advisory DbSecurity advisory database for Rust crates published through crates.io
Stars: ✭ 396 (-83.45%)
Viewfinderjs📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e
Stars: ✭ 1,175 (-50.9%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (-2.55%)
BrutedetGeneralized proof of concept tool which can be used for drop-in bruteforce protection when needed.
Stars: ✭ 5 (-99.79%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (-83.91%)
Dnxfirewalldnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.
Stars: ✭ 174 (-92.73%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-93.9%)
Backfuzzprotocol fuzzing toolkit
Stars: ✭ 106 (-95.57%)
ThugPython low-interaction honeyclient
Stars: ✭ 818 (-65.82%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (-23.23%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (-84.08%)
SenvFriends don't let friends leak secrets on their terminal window 🙈
Stars: ✭ 71 (-97.03%)
Myscanmyscan 被动扫描
Stars: ✭ 373 (-84.41%)
Web ShellsSome of the best web shells that you might need!
Stars: ✭ 162 (-93.23%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (-65.98%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-95.61%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (-66.49%)
Mix audit🕵️♀️ MixAudit provides a mix deps.audit task to scan a project Mix dependencies for known Elixir security vulnerabilities
Stars: ✭ 146 (-93.9%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-95.61%)
PompemFind exploit tool
Stars: ✭ 786 (-67.15%)
EsdEnumeration sub domains(枚举子域名)
Stars: ✭ 785 (-67.2%)