SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-98.85%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (-12.03%)
ShuffleShuffle: A general purpose security automation platform platform. We focus on accessibility for all.
Stars: ✭ 424 (-86.44%)
attack-evalsATT&CK Evaluations website (DEPRECATED)
Stars: ✭ 57 (-98.18%)
ezEmuSee adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
Stars: ✭ 89 (-97.15%)
Adversary emulation libraryAn open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (-90.56%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-88.52%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-82.95%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-82.69%)
Chain ReactorChain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Stars: ✭ 206 (-93.41%)
Dns Rebind ToolkitA front-end JavaScript toolkit for creating DNS rebinding attacks.
Stars: ✭ 435 (-86.08%)
Logkeys📝 ⌨️ A GNU/Linux keylogger that works!
Stars: ✭ 518 (-83.43%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (-85.09%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-93.09%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (-78.34%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-75.21%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (-69.26%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+90.12%)
Pi Pwnbox RogueapHomemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Stars: ✭ 798 (-74.47%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-98.02%)
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-97.47%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (-61%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-97.28%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-86.47%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-87.04%)
ParadoxiaratParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (-87.36%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-83.72%)
Atomic Red TeamSmall and highly portable detection tests based on MITRE's ATT&CK.
Stars: ✭ 5,364 (+71.59%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+79.62%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-87.78%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (-78.37%)
HabuHacking Toolkit
Stars: ✭ 635 (-79.69%)
Packer FuzzerPacker Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Stars: ✭ 753 (-75.91%)
KeyloggerGet Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
Stars: ✭ 604 (-80.68%)
SootyThe SOC Analysts all-in-one CLI tool to automate and speed up workflow.
Stars: ✭ 867 (-72.26%)
Attack NavigatorWeb app that provides basic navigation and annotation of ATT&CK matrices
Stars: ✭ 887 (-71.63%)
SlowlorisAsynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-98.37%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+33.14%)
Zbn安全编排与自动化响应平台
Stars: ✭ 201 (-93.57%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-97.66%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (-60.04%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-97.76%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+234.33%)
Aura BotnetA super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.
Stars: ✭ 95 (-96.96%)
Attack Control Framework MappingsSecurity control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Stars: ✭ 115 (-96.32%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+182.92%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-97.22%)
VirtualsecconsAn ongoing list of virtual cybersecurity conferences.
Stars: ✭ 113 (-96.39%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-96.23%)
Powershell Red TeamCollection of PowerShell functions a Red Teamer may use to collect data from a machine
Stars: ✭ 155 (-95.04%)
HackercampEnine boyuna siber güvenlik
Stars: ✭ 149 (-95.23%)
Slack WatchmanMonitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-94.91%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-95.94%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-94.59%)
Litmus testDetecting ATT&CK techniques & tactics for Linux
Stars: ✭ 190 (-93.92%)