PspyMonitor linux processes without root permissions
Stars: ✭ 2,470 (+1104.88%)
Web2attackWeb hacking framework with tools, exploits by python
Stars: ✭ 152 (-25.85%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-29.76%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (-10.73%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-20.98%)
CintruderCaptcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.
Stars: ✭ 192 (-6.34%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-26.83%)
Xerrorfully automated pentesting tool
Stars: ✭ 173 (-15.61%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-31.71%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+1130.24%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-19.02%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-10.24%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (-20.49%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+1241.46%)
Firecrack🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Stars: ✭ 157 (-23.41%)
Doxboxweb-based OSINT and reconaissance toolkit
Stars: ✭ 202 (-1.46%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-26.83%)
Stegseek⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️
Stars: ✭ 187 (-8.78%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (+874.15%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1027.8%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-34.15%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-8.78%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-17.56%)
BetterbackdoorA backdoor with a multitude of features.
Stars: ✭ 195 (-4.88%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-18.54%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1245.37%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1789.27%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-20%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-11.22%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-20.98%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-5.85%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-23.41%)
JwtcatA CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Stars: ✭ 181 (-11.71%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-23.9%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-0.49%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-25.85%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-13.66%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-26.34%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (-6.83%)
WincmdfuWindows one line commands that make life easier, shortcuts and command line fu.
Stars: ✭ 145 (-29.27%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-1.46%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-29.76%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1724.88%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-31.71%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-7.32%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (-15.61%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-0.49%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-2.93%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-8.29%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-16.1%)