QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (+536.36%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (+518.18%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+654.55%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (+509.09%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (+500%)
LnkupGenerates malicious LNK file payloads for data exfiltration
Stars: ✭ 205 (+831.82%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (+827.27%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+17504.55%)
Icg AutoexploiterbotWordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (+1000%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+13272.73%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (+636.36%)
WhatcmsCMS Detection and Exploit Kit based on Whatcms.org API
Stars: ✭ 205 (+831.82%)
PycurityPython Security Scripts
Stars: ✭ 218 (+890.91%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+1122.73%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+2213.64%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+1827.27%)
Shodan-RPiA simple SSH bruteforce script targeting (not necessarily) Raspbian devices.
Stars: ✭ 13 (-40.91%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+3422.73%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+3413.64%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+3804.55%)
PhoniaPhonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (+904.55%)
BillcipherInformation Gathering tool for a Website or IP address
Stars: ✭ 332 (+1409.09%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+1504.55%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+5531.82%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (+490.91%)
BafBlind Attacking Framework
Stars: ✭ 71 (+222.73%)
Shodanz🔭 A modern, async Ruby gem for Shodan, the world's first search engine for Internet-connected devices.
Stars: ✭ 74 (+236.36%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (+472.73%)
BluescanA powerful Bluetooth scanner
Stars: ✭ 206 (+836.36%)
EnteletaorMessage Queue & Broker Injection tool
Stars: ✭ 139 (+531.82%)
Sourceleakhacker🐛 A multi threads web application source leak scanner
Stars: ✭ 226 (+927.27%)
PasktoPaskto - Passive Web Scanner
Stars: ✭ 136 (+518.18%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+545.45%)
Kill RouterFerramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.
Stars: ✭ 57 (+159.09%)
Sdwan Harvester🌐 Automatically enumerate and fingerprint SD-WAN nodes on the internet
Stars: ✭ 42 (+90.91%)
Ssh keyscannerssh public host key scanner using shodan
Stars: ✭ 102 (+363.64%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+2722.73%)
SilverMass scan IPs for vulnerable services
Stars: ✭ 588 (+2572.73%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (+490.91%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (+140.91%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-36.36%)
peniotPENIOT: Penetration Testing Tool for IoT
Stars: ✭ 164 (+645.45%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (+4.55%)
WPCrackerWordPress pentest tool
Stars: ✭ 34 (+54.55%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-31.82%)
ShodanCPPShodanCPP is a С++ library for accessing the Shodan API.
Stars: ✭ 18 (-18.18%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (+131.82%)
Red-Rabbit-V4The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow
Stars: ✭ 123 (+459.09%)
BrutusBotnet targeting Windows machines written entirely in Python & open source security project.
Stars: ✭ 37 (+68.18%)
webreconAutomated Web Recon Shell Scripts
Stars: ✭ 48 (+118.18%)
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Stars: ✭ 109 (+395.45%)
STEWSA Security Tool for Enumerating WebSockets
Stars: ✭ 154 (+600%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (+95.45%)
reverse-sshStatically-linked ssh server with reverse shell functionality for CTFs and such
Stars: ✭ 548 (+2390.91%)