Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-15.33%)
AutosploitAutomated Mass Exploiter
Stars: ✭ 4,500 (+3184.67%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (+238.69%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-29.2%)
SalusSecurity scanner coordinator
Stars: ✭ 441 (+221.9%)
ThreatingestorExtract and aggregate threat intelligence.
Stars: ✭ 439 (+220.44%)
Cookie crimesRead local Chrome cookies without root or decrypting
Stars: ✭ 434 (+216.79%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+636.5%)
GosecGolang security checker
Stars: ✭ 5,694 (+4056.2%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-29.2%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+209.49%)
Go TranscodeLive on-demand transcoding in go using ffmpeg. Also with NVIDIA GPU hardware acceleration.
Stars: ✭ 39 (-71.53%)
ChroniclePublic append-only ledger microservice built with Slim Framework
Stars: ✭ 429 (+213.14%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1215.33%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (+208.76%)
UgfraudAn Unsupervised Graph-based Toolbox for Fraud Detection
Stars: ✭ 38 (-72.26%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (+205.84%)
EyeballerConvolutional neural network for analyzing pentest screenshots
Stars: ✭ 416 (+203.65%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-73.72%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+201.46%)
Live Stream From DesktopProvide guidance to test live streaming (mpeg-dash or hls) or vod from your desktop
Stars: ✭ 124 (-9.49%)
TelemetrysourcererEnumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (+191.97%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-74.45%)
HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (+190.51%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (-30.66%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+2727.01%)
Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Stars: ✭ 977 (+613.14%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+181.02%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1150.36%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+178.83%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+178.1%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-34.31%)
Myscanmyscan 被动扫描
Stars: ✭ 373 (+172.26%)
XrayguiBuild A GUI For Xray,给Xray造一个GUI控制端。
Stars: ✭ 30 (-78.1%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+167.15%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-2.19%)
OffensivedlrToolbox containing research notes & PoC code for weaponizing .NET's DLR
Stars: ✭ 364 (+165.69%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+170.07%)
TidalPattern language
Stars: ✭ 1,304 (+851.82%)
SpicypassA light-weight password manager with a focus on simplicity and security
Stars: ✭ 367 (+167.88%)
Livecoder.netA simple browser environment for coding live javascript.
Stars: ✭ 27 (-80.29%)
UnsignRemove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)
Stars: ✭ 362 (+164.23%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-17.52%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (+162.77%)
SipcheckSIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.
Stars: ✭ 20 (-85.4%)
RtaRed team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
Stars: ✭ 358 (+161.31%)
ShoebotEasy vector graphics with Python
Stars: ✭ 88 (-35.77%)
SpoofcheckSimple script that checks a domain for email protections
Stars: ✭ 437 (+218.98%)
SwiftvideoSwift Video Framework for Linux, macOS, and iOS/iPadOS
Stars: ✭ 137 (+0%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1231.39%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-2.92%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-9.49%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-16.79%)
Keylogger🔐 Open Source Python Keylogger Collection
Stars: ✭ 97 (-29.2%)