GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-3.32%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+866.16%)
XSS-CheatsheetXSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-92.15%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (-38.67%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (-59.21%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (-78.25%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (-84.89%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-19.34%)
hacktheboxNotes Taken for HTB Machines & InfoSec Community.
Stars: ✭ 286 (-13.6%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-79.15%)
inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (-61.63%)
Opensource-Endpoint-MonitoringThis repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
Stars: ✭ 30 (-90.94%)
Bruteforce ListsSome files for bruteforcing certain things.
Stars: ✭ 320 (-3.32%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+528.1%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (-90.33%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-84.29%)
SimpleKeyloggerSimple Keylogger with smtp to send emails on your account using python works on linux and Windows
Stars: ✭ 32 (-90.33%)
NachtWalReinforced Mitigation Security Filter
Stars: ✭ 17 (-94.86%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+265.56%)
ShadowCloneUnleash the power of cloud
Stars: ✭ 224 (-32.33%)
CredsleakerCredsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
Stars: ✭ 247 (-25.38%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (-4.83%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-35.65%)
Pwdb-PublicA collection of all the data i could extract from 1 billion leaked credentials from internet.
Stars: ✭ 2,529 (+664.05%)
AutosqliAn automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
Stars: ✭ 222 (-32.93%)
aa-policy-validatorValidate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation
Stars: ✭ 42 (-87.31%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-92.75%)
InfosecHouseInfosec resource center for offensive and defensive security operations.
Stars: ✭ 61 (-81.57%)
hibpwnedPython API wrapper for haveibeenpwned.com (API v3)
Stars: ✭ 21 (-93.66%)
ronin-supportA support library for Ronin. Like activesupport, but for hacking!
Stars: ✭ 23 (-93.05%)
GDPatrolA Lambda-powered Security Orchestration framework for AWS GuardDuty
Stars: ✭ 50 (-84.89%)
IkyOSINT Project
Stars: ✭ 203 (-38.67%)
goblin一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+154.98%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-61.63%)
My TalksList of my talks and workshops: security engineering, applied cryptography, secure software development
Stars: ✭ 261 (-21.15%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-43.5%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-88.52%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-61.93%)
dorothyDorothy is a tool to test security monitoring and detection for Okta environments
Stars: ✭ 85 (-74.32%)
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+618.73%)
BTPS-SecPackThis repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommendations of multiple cyber security researchers at Microsoft. These tools were created with a small to medium size enterprise environment in mind as smaller organizations do not always have the type of funding a…
Stars: ✭ 33 (-90.03%)
Securityadvisories🔐 Security advisories as a simple composer exclusion list, updated daily
Stars: ✭ 2,279 (+588.52%)
pitchThe initial conversation slides and menu of scenarios
Stars: ✭ 37 (-88.82%)
Dymerge🔓 A dynamic dictionary merger for successful dictionary based attacks.
Stars: ✭ 167 (-49.55%)
ng-dompurifyInclusive Angular API for DOMPurify
Stars: ✭ 65 (-80.36%)
nozzlrNozzlr is a bruteforce framework, trully modular and script-friendly
Stars: ✭ 60 (-81.87%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-16.01%)
reFlutterFlutter Reverse Engineering Framework
Stars: ✭ 698 (+110.88%)
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
Stars: ✭ 25 (-92.45%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-22.66%)
wildpwnunix wildcard attacks
Stars: ✭ 119 (-64.05%)
VindicateToolLLMNR/NBNS/mDNS Spoofing Detection Toolkit
Stars: ✭ 40 (-87.92%)
JiraffeOne stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (-52.57%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-73.41%)
dontgo403Tool to bypass 40X response codes.
Stars: ✭ 457 (+38.07%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-90.63%)