DirsearchWeb path scanner
Stars: ✭ 7,246 (+4088.44%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-43.93%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-3.47%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-16.76%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+524.86%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+69.94%)
uberscanSecurity program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
Stars: ✭ 31 (-82.08%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+422.54%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+341.62%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+346.82%)
AvaxAVAX is a small, modern and fast console application for decrypting passwords with certain options.
Stars: ✭ 19 (-89.02%)
SsbSecure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server
Stars: ✭ 832 (+380.92%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+496.53%)
Nmap Nse InfoBrowse and search through nmap's NSE scripts.
Stars: ✭ 54 (-68.79%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+523.7%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-54.91%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+410.4%)
HackphilesBruteForce Tool For both Instagram and Facebook
Stars: ✭ 57 (-67.05%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-0.58%)
PydictorA powerful and useful hacker dictionary builder for a brute-force attack
Stars: ✭ 2,055 (+1087.86%)
InstabruteInstagram password bruteforcer
Stars: ✭ 91 (-47.4%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+653.18%)
T14m4tAutomated brute-forcing attack tool.
Stars: ✭ 160 (-7.51%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+320.81%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+291.33%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+347.98%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-13.29%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+413.29%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (+268.21%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-76.88%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-78.03%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-9.25%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+463.01%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+556.65%)
Bitp0wnAlgorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Stars: ✭ 59 (-65.9%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-47.98%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-40.46%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-34.1%)
HabuHacking Toolkit
Stars: ✭ 635 (+267.05%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-48.55%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+616.18%)
Koa2 RatelimitRate-limiting middleware for Koa2 ES6. Use to limit repeated requests to APIs and/or endpoints such as password reset.
Stars: ✭ 81 (-53.18%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-45.66%)
ElpscrkA Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v
Stars: ✭ 113 (-34.68%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+609.83%)
Faitagram(Doesn't work anymore)
Stars: ✭ 117 (-32.37%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-30.06%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+893.06%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-32.95%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-24.86%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-9.83%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1236.42%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+212.72%)
Decoder Plus PlusAn extensible application for penetration testers and software developers to decode/encode data into various formats.
Stars: ✭ 79 (-54.34%)