Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+42.49%)
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-71.06%)
Hackers Tool KitIts a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (-22.71%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+408.06%)
HellgateLoader CSharpLoad shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (-73.26%)
IoxTool for port forwarding & intranet proxy
Stars: ✭ 411 (+50.55%)
BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Stars: ✭ 529 (+93.77%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-39.19%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+382.05%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+11954.58%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-56.78%)
Pythempentest framework
Stars: ✭ 1,060 (+288.28%)
Build TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
Stars: ✭ 656 (+140.29%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-6.23%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+127.47%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+46.89%)
DoxycannonA poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (-20.88%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+355.68%)
WhatwafDetect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (+589.01%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+1428.57%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-52.38%)
wafbypasserNo description or website provided.
Stars: ✭ 73 (-73.26%)
Searpy🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (-61.9%)
broomA disk cleaning utility for developers.
Stars: ✭ 38 (-86.08%)
Shodan-RPiA simple SSH bruteforce script targeting (not necessarily) Raspbian devices.
Stars: ✭ 13 (-95.24%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (-5.49%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (-2.93%)
Project BlackPentest/BugBounty progress control with scanning modules
Stars: ✭ 257 (-5.86%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-91.94%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-82.42%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (-79.49%)
Infini GatewayINFINI-GATEWAY(极限网关), a high performance and lightweight gateway written in golang, for elasticsearch and his friends.
Stars: ✭ 272 (-0.37%)
PushpinProxy server for adding push to your API
Stars: ✭ 3,050 (+1017.22%)
Bluebox NgPentesting framework using Node.js powers, focused in VoIP.
Stars: ✭ 255 (-6.59%)
CFX-BYPASSBypass it, you won't be Banned when playing cheats 2022
Stars: ✭ 18 (-93.41%)
litewafLightweight In-App Web Application Firewall for PHP
Stars: ✭ 32 (-88.28%)
MouseInjectDetectionSimple method of checking whether or not mouse movement or buttons (<windows 10) are injected
Stars: ✭ 29 (-89.38%)
shodan🌑 R package to work with the Shodan API
Stars: ✭ 16 (-94.14%)
bypassAV免杀 defender 360 cobalstrike shellcode
Stars: ✭ 54 (-80.22%)
nginx-lua-wafNginx-Lua-WAF是一款基于Nginx的使用Lua语言开发的灵活高效的Web应用层防火墙
Stars: ✭ 58 (-78.75%)
thelordseyethelordseye searches and returns detailed information about devices that are directly connected to the internet [IoT] (Smart TV's, Fridges, Webcams, Traffic Lights etc).
Stars: ✭ 30 (-89.01%)
Mega-index-herokuMega nz heroku index, Serves mega.nz to http via heroku web. It Alters downloading speed and stability
Stars: ✭ 165 (-39.56%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-87.18%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (-0.73%)
ManbaHTTP API Gateway
Stars: ✭ 3,000 (+998.9%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-68.5%)
mongodb-scraperScraps for publicly accessible MongoDB instances and dumps user passwords
Stars: ✭ 33 (-87.91%)
WireBugWireBug is a toolset for Voice-over-IP penetration testing
Stars: ✭ 142 (-47.99%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-93.41%)
HTB-writeupPassword-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/
Stars: ✭ 21 (-92.31%)
paywallr🔓 Web extension for reading articles locked behind paywalls of over 50 german newspapers, e.g. Frankfurter Allgemeine Zeitung, Leipziger Volkszeitung & Hamburger Abendblatt
Stars: ✭ 63 (-76.92%)