VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+934.62%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+2503.85%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (+453.85%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (+365.38%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+13373.08%)
E2guardianE2guardian is a web content filter that can work in proxy, transparent or icap server modes
Stars: ✭ 340 (+1207.69%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+1215.38%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+1265.38%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (+550%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (+542.31%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+10476.92%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+580.77%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+7396.15%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+438.46%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+365.38%)
LscriptThe LAZY script will make your life easier, and of course faster.
Stars: ✭ 3,056 (+11653.85%)
sslscannerSSL Scanner written in Crystal
Stars: ✭ 18 (-30.77%)
RPCScanTool to communicate with RPC services and check misconfigurations on NFS shares
Stars: ✭ 53 (+103.85%)
Txtoolan easy pentesting tool.
Stars: ✭ 246 (+846.15%)
Testssl.shTesting TLS/SSL encryption anywhere on any port
Stars: ✭ 5,676 (+21730.77%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (+42.31%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (+46.15%)
conan-openssl[OBSOLETE] The recipe is now in https://github.com/conan-io/conan-center-index
Stars: ✭ 25 (-3.85%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (+30.77%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-50%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (+115.38%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+1450%)
qsslcaudittest SSL/TLS clients how secure they are
Stars: ✭ 22 (-15.38%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+1457.69%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+27769.23%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+884.62%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-30.77%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+1053.85%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+1792.31%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (+1003.85%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+1511.54%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+1634.62%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+2884.62%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+1173.08%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+1161.54%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (+92.31%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+1823.08%)
OpensslOpenSSL bindings for Go
Stars: ✭ 397 (+1426.92%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+1392.31%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+1561.54%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+1523.08%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+1315.38%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+18734.62%)
DirbleFast directory scanning and scraping tool
Stars: ✭ 468 (+1700%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (+296.15%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (+303.85%)
jota-cert-checkerCheck SSL certificate expiration date of a list of sites.
Stars: ✭ 45 (+73.08%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+26369.23%)