Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+731.71%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-88.86%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+1092.29%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+98%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+156.29%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+35.43%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+140.29%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-93.14%)
Pythempentest framework
Stars: ✭ 1,060 (+202.86%)
Cve 2019 0604cve-2019-0604 SharePoint RCE exploit
Stars: ✭ 91 (-74%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-64%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+543.14%)
Oxidtools200 TOOLS BY 0XID4FF0X FOR TERMUX
Stars: ✭ 143 (-59.14%)
AdbsploitA python based tool for exploiting and managing Android devices via ADB
Stars: ✭ 147 (-58%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-53.43%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-6.29%)
BrutedumBruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
Stars: ✭ 212 (-39.43%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-38.86%)
Cve 2018 7600💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
Stars: ✭ 330 (-5.71%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+717.71%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (-52.29%)
Pentest WikiPENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Stars: ✭ 2,668 (+662.29%)
Icg AutoexploiterbotWordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (-30.86%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (-59.43%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-64.29%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+3176%)
Ntlmscanscan for NTLM directories
Stars: ✭ 141 (-59.71%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-64.57%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-56%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-52.57%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-66.29%)
MouseMouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.
Stars: ✭ 186 (-46.86%)
TechnowloggerTechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
Stars: ✭ 172 (-50.86%)
DccwbypassuacWindows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".
Stars: ✭ 227 (-35.14%)
Lost Nds TvThe Lost Nintendo DS Television Output, brought back to life
Stars: ✭ 221 (-36.86%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-60%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-66.86%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+961.43%)
Scripts-SploitsA number of scripts POC's and problems solved as pentests move along.
Stars: ✭ 37 (-89.43%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-80.86%)
k8badusbBadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit
Stars: ✭ 32 (-90.86%)
ExploitsA personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.
Stars: ✭ 75 (-78.57%)
Umbraco-RCEUmbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Stars: ✭ 61 (-82.57%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-96.29%)
CVE-2021-33766ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
Stars: ✭ 37 (-89.43%)
PocOrExp in Github聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+55.43%)
PhirauteeA proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.
Stars: ✭ 96 (-72.57%)
MS17010EXPLadon Moudle MS17010 Exploit for PowerShell
Stars: ✭ 40 (-88.57%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-90%)
Jenkins Rce😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
Stars: ✭ 262 (-25.14%)
CVE-2018-7750an RCE (remote command execution) approach of CVE-2018-7750
Stars: ✭ 18 (-94.86%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-23.71%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (-22.57%)
Exploit-DevelopmentExploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (-76%)