FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (-33.79%)
SqlmapAutomatic SQL injection and database takeover tool
Stars: ✭ 21,907 (+626.36%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (-88.73%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-96.22%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-96.22%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-86.64%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (-42.9%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (-93.2%)
ShellabLinux and Windows shellcode enrichment utility
Stars: ✭ 225 (-92.54%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-83.45%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (-87.14%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (-85.94%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-85.84%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (-75.86%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (-70.26%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (-65.98%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-82.06%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-71.52%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+197.78%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (-60.41%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-96.25%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (-56.8%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (-35.38%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-95.66%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-95.82%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (-40.25%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-95.36%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (-88.66%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-83.69%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-85.58%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-83.12%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-89.12%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+140.25%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-78.65%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-73.94%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (-79.87%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-99.1%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-97.94%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-96.58%)
Xerrorfully automated pentesting tool
Stars: ✭ 173 (-94.26%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-93.97%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-93.8%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (-39.09%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-97.05%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (-23.34%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+28.42%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-94.83%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-93.7%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+19.23%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-89.72%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-97.31%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-95.23%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-93.7%)