CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: β 1,136 (+168.56%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: β 775 (+83.22%)
SmogcloudFind cloud assets that no one wants exposed π βοΈ
Stars: β 168 (-60.28%)
Symfony DockerA Docker-based installer and runtime for Symfony. Install: download and `docker-compose up`.
Stars: β 732 (+73.05%)
FleetA flexible control server for osquery fleets
Stars: β 1,068 (+152.48%)
WsmanagerWebshell Manager
Stars: β 99 (-76.6%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: β 150 (-64.54%)
SirisDEPRECATED: The community driven fork of Iris. The fastest web framework for Golang!
Stars: β 146 (-65.48%)
FfufFast web fuzzer written in Go
Stars: β 5,687 (+1244.44%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: β 207 (-51.06%)
dorothyDorothy is a tool to test security monitoring and detection for Okta environments
Stars: β 85 (-79.91%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: β 279 (-34.04%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: β 72 (-82.98%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: β 97 (-77.07%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: β 113 (-73.29%)
M4ngl3m3Common password pattern generator using strings list
Stars: β 103 (-75.65%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: β 213 (-49.65%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance withβ¦
Stars: β 3,439 (+713%)
Name That Hashπ Don't know what type of hash it is? Name That Hash will name that hash type! π€ Identify MD5, SHA256 and 3000+ other hashes β Comes with a neat web app π₯
Stars: β 540 (+27.66%)
StegcloakHide secrets with invisible characters in plain text securely using passwords π§π»ββοΈβ
Stars: β 2,379 (+462.41%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: β 2,114 (+399.76%)
Nginxconfig.ioβοΈ NGINX config generator on steroids π
Stars: β 14,983 (+3442.08%)
juumlaπ¦ Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: β 107 (-74.7%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: β 60 (-85.82%)
IsahcThe practical HTTP client that is fun to use.
Stars: β 338 (-20.09%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: β 370 (-12.53%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: β 4,162 (+883.92%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: β 63 (-85.11%)
SliverAdversary Simulation Framework
Stars: β 1,348 (+218.68%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: β 62 (-85.34%)
Backfuzzprotocol fuzzing toolkit
Stars: β 106 (-74.94%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: β 105 (-75.18%)
NetpwnTool made to automate tasks of pentesting.
Stars: β 152 (-64.07%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: β 1,073 (+153.66%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: β 2,775 (+556.03%)
Awesome Shodan Queriesπ A collection of interesting, funny, and depressing search queries to plug into shodan.io π©βπ»
Stars: β 2,758 (+552.01%)
IsthislegitDashboard to collect, analyze, and respond to reported phishing emails.
Stars: β 251 (-40.66%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: β 182 (-56.97%)
Quicheπ₯§ Savoury implementation of the QUIC transport protocol and HTTP/3
Stars: β 5,481 (+1195.74%)
Node Libcurllibcurl bindings for Node.js
Stars: β 447 (+5.67%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: β 9,673 (+2186.76%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: β 36 (-91.49%)
Letsencrypt ZimbraFiles to automate the deploy of letsencrypt certificates to Zimbra
Stars: β 138 (-67.38%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: β 1,928 (+355.79%)
Web ShellsSome of the best web shells that you might need!
Stars: β 162 (-61.7%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: β 126 (-70.21%)
DcRatA simple remote tool in C#.
Stars: β 709 (+67.61%)
gostGO Simple Tunnel - a simple tunnel written in golang
Stars: β 154 (-63.59%)
QuinnAsync-friendly QUIC implementation in Rust
Stars: β 1,859 (+339.48%)
PodePode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers
Stars: β 329 (-22.22%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: β 320 (-24.35%)
Rustscanπ€ The Modern Port Scanner π€
Stars: β 5,218 (+1133.57%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: β 292 (-30.97%)
HuskyciPerforming security tests inside your CI
Stars: β 398 (-5.91%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: β 857 (+102.6%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: β 35 (-91.73%)
Apac ConferencesA community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
Stars: β 90 (-78.72%)
Traitorβ¬οΈ β οΈ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: β 3,473 (+721.04%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: β 385 (-8.98%)