RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+1037.84%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-22.97%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-12.16%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-17.57%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-27.03%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-11.49%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-21.62%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-9.46%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-24.32%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-13.51%)
SubrakeA Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
Stars: ✭ 125 (-15.54%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-29.73%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1395.27%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-18.24%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+1133.78%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-21.62%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (-22.97%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-5.41%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+1221.62%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+1063.51%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+937.16%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-10.81%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-29.05%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1141.22%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-15.54%)
Ransom0Ransom0 is a open source ransomware made with Python, designed to find and encrypt user data.
Stars: ✭ 105 (-29.05%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-10.81%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-16.89%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-8.11%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+1060.81%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+1117.57%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-18.92%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (+1249.32%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1216.89%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-11.49%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-22.3%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-9.46%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+931.08%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1420.95%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-22.97%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-2.7%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-22.97%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-13.51%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-23.65%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-9.46%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (-27.03%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-5.41%)
AnsvifA Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-27.7%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-29.05%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-10.14%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-14.86%)
WincmdfuWindows one line commands that make life easier, shortcuts and command line fu.
Stars: ✭ 145 (-2.03%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-2.7%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-8.78%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+1048.65%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-14.86%)