Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+1381.53%)
PockintA portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Stars: ✭ 196 (-48.28%)
Infosec getting startedA collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.
Stars: ✭ 526 (+38.79%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-94.46%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+22.96%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-50.66%)
PlumhoundBloodhound for Blue and Purple Teams
Stars: ✭ 452 (+19.26%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+16.62%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-51.98%)
Onioff🌰 An onion url inspector for inspecting deep web links.
Stars: ✭ 440 (+16.09%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-84.17%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+11.61%)
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+527.7%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (+6.86%)
android-webauthn-authenticatorA WebAuthn Authenticator for Android leveraging hardware-backed key storage and biometric user verification.
Stars: ✭ 101 (-73.35%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+3.17%)
Securityadvisories🔐 Security advisories as a simple composer exclusion list, updated daily
Stars: ✭ 2,279 (+501.32%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+1.58%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+137.2%)
Umbrella androidOpen source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.
Stars: ✭ 171 (-54.88%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+998.15%)
aa-policy-validatorValidate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation
Stars: ✭ 42 (-88.92%)
Dymerge🔓 A dynamic dictionary merger for successful dictionary based attacks.
Stars: ✭ 167 (-55.94%)
BugbountyguideBug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Stars: ✭ 338 (-10.82%)
Ctf Writeups PublicWriteups for infosec Capture the Flag events by team Galaxians
Stars: ✭ 331 (-12.66%)
HacktheboxNotes Taken for HTB Machines & InfoSec Community.
Stars: ✭ 167 (-55.94%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-12.66%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (-50.66%)
ConfusedTool to check for dependency confusion vulnerabilities in multiple package management systems
Stars: ✭ 314 (-17.15%)
ThreagileAgile Threat Modeling Toolkit
Stars: ✭ 162 (-57.26%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+861.48%)
rustpadMulti-threaded Padding Oracle attacks against any service. Written in Rust.
Stars: ✭ 75 (-80.21%)
Slack WatchmanMonitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-58.05%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (-22.96%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+816.36%)
KarmaFind leaked emails with your passwords
Stars: ✭ 154 (-59.37%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+743.8%)
sgCheckupsgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
Stars: ✭ 77 (-79.68%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-59.89%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (-29.29%)
honeykuA Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).
Stars: ✭ 56 (-85.22%)
My TalksList of my talks and workshops: security engineering, applied cryptography, secure software development
Stars: ✭ 261 (-31.13%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-32.45%)
vimana-frameworkVimana is an experimental security framework that aims to provide resources for auditing Python web applications.
Stars: ✭ 47 (-87.6%)
PowerzurePowerShell framework to assess Azure security
Stars: ✭ 450 (+18.73%)
MyriamA vulnerable iOS App with Security Challenges for the Security Researcher inside you.
Stars: ✭ 146 (-61.48%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (-36.15%)
giggerGit folder digger, I'm sure it's worthwhile stuff.
Stars: ✭ 39 (-89.71%)
massurlA simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau
Stars: ✭ 14 (-96.31%)
adalancheActive Directory ACL Visualizer and Explorer - who's really Domain Admin?
Stars: ✭ 862 (+127.44%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (-70.71%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+627.7%)