Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-67.2%)
DnsprobeDNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
Stars: ✭ 221 (-11.6%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-67.6%)
Commit Stream#OSINT tool for finding Github repositories by extracting commit logs in real time from the Github event API
Stars: ✭ 204 (-18.4%)
SputnikOpen Source Intelligence Browser Extension
Stars: ✭ 119 (-52.4%)
DeathstarUses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Stars: ✭ 1,221 (+388.4%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+745.6%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+382%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-68.8%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-42.4%)
CerteagleWeaponizing Live CT logs for automated monitoring of assets
Stars: ✭ 78 (-68.8%)
CardpwnOSINT Tool to find Breached Credit Cards Information
Stars: ✭ 187 (-25.2%)
BucketlistAmazon S3 bucket spelunking!
Stars: ✭ 72 (-71.2%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-12.8%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (+698.8%)
GreconYour Google Recon is Now Automated
Stars: ✭ 119 (-52.4%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-72%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-31.2%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-53.6%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+364%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-44%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-72.8%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+354.4%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (-1.6%)
Public Bugbounty ProgramsCommunity curated list of public bug bounty and responsible disclosure programs.
Stars: ✭ 233 (-6.8%)
DrozerThe Leading Security Assessment Framework for Android.
Stars: ✭ 2,683 (+973.2%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-52.8%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-54%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-74.8%)
Misp TrainingMISP trainings, threat intel and information sharing training materials with source code
Stars: ✭ 185 (-26%)
MimirSmart OSINT collection of common IOC types
Stars: ✭ 63 (-74.8%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-46%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-45.6%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-75.6%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1003.2%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+331.6%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+630.4%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-77.6%)
OmnibusThe OSINT Omnibus (beta release)
Stars: ✭ 243 (-2.8%)
DeltaPROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
Stars: ✭ 55 (-78%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-46.4%)
Nmap Nse InfoBrowse and search through nmap's NSE scripts.
Stars: ✭ 54 (-78.4%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (-26.8%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-78.8%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-46.4%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-14.4%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (-53.2%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-53.6%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-54.8%)
Url TrackerChange monitoring app that checks the content of web pages in different periods.
Stars: ✭ 171 (-31.6%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+510.4%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-54%)