Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+189.64%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (-11.1%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-53.38%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (-0.74%)
Pentest⛔️ offsec batteries included
Stars: ✭ 1,063 (-1.67%)
MilkyA .NET Standard library for pentesting web apps against credential stuffing attacks.
Stars: ✭ 49 (-95.47%)
KeyloggerA simple keylogger for Windows, Linux and Mac
Stars: ✭ 1,007 (-6.85%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+426.09%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (-59.76%)
MagmaMinecraft Forge Hybrid server implementing the Spigot/Bukkit API (Cauldron for 1.12)
Stars: ✭ 272 (-74.84%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-74.75%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (-74.84%)
Docker burpBurp Pro as a Docker Container
Stars: ✭ 53 (-95.1%)
Fomalhaut🚀 A Simple API Gateway for Building Security and Flexible Microservices.
Stars: ✭ 272 (-74.84%)
AwsA collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.
Stars: ✭ 493 (-54.39%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (-75.49%)
Java Sdk百度AI开放平台 Java SDK
Stars: ✭ 495 (-54.21%)
Awesome Hyperloop TitaniumA curated list of awesome links to resources around Axway's Hyperloop for Titanium. And more.
Stars: ✭ 30 (-97.22%)
CryptofuzzFuzzing cryptographic libraries. Magic bug printer go brrrr.
Stars: ✭ 262 (-75.76%)
Sledthe champagne of beta embedded databases
Stars: ✭ 5,423 (+401.67%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (-76.13%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-59.76%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (-33.86%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-60.04%)
docker-osmedeusDocker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 78 (-92.78%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (-55.23%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-97.96%)
JxwafJXWAF(锦衣盾)是一款开源web应用防火墙
Stars: ✭ 768 (-28.95%)
Connect4A game known as Connect4, Score4, 4-in-a-line or 4-in-a-row. Modes: Human Vs Minimax AI, Human Vs Human, Minimax AI Vs Minimax AI. Written in Java.
Stars: ✭ 14 (-98.7%)
Scanlessonline port scan scraper
Stars: ✭ 875 (-19.06%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-60.5%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-60.5%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-98.33%)
clodlTurn dynamically linked ELF binaries and libraries into self-contained closures.
Stars: ✭ 136 (-87.42%)
burp data collectorA Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
Stars: ✭ 58 (-94.63%)
DirbleFast directory scanning and scraping tool
Stars: ✭ 468 (-56.71%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (-60.78%)
Awesome Burp SuiteAwesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
Stars: ✭ 712 (-34.14%)
Erupt🚀 纯 Java 注解,快速开发 Admin 管理后台。不生成任何代码、零前端代码、零 CURD、自动建表、注解式API,支持所有主流数据库,支持自定义页面,支持多数据源,提供二十几类业务组件,十几种展示形式,支持逻辑删除,动态定时任务,前端后端分离等。核心技术:Spring Boot、JPA、Reflect、TypeScript、NG-ZORRO等。 开源不易,记得右上角点个star鼓励作者~
Stars: ✭ 421 (-61.05%)
swagger-conformancePython based tool for testing whether your API conforms to its Swagger schema
Stars: ✭ 51 (-95.28%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-57.17%)
PowerProxyPowerShell SOCKS proxy with reverse proxy capabilities
Stars: ✭ 29 (-97.32%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-97.5%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (-60.78%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-96.3%)
Paper collectionAcademic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
Stars: ✭ 710 (-34.32%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-60.87%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (-34.41%)
Awesome Nginx Security🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Stars: ✭ 417 (-61.42%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (-61.24%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (-19.7%)