Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-95.1%)
spicescriptA Handy-Dandy Personal Toolkit for Enumeration and a headstart on attacking a machine!
Stars: ✭ 20 (-99.72%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-98.94%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (-98.47%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-99.71%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-99.17%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (-96.41%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-98.26%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-99.2%)
polscanZero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (-99.21%)
unicorn-fuzzerexpansion of afl-unicorn using c++
Stars: ✭ 25 (-99.65%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (-95.24%)
clairvoyanceObtain GraphQL API Schema even if the introspection is not enabled
Stars: ✭ 448 (-93.82%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-99.68%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (-95.24%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (-97.2%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-99.68%)
PyjfuzzPyJFuzz - Python JSON Fuzzer
Stars: ✭ 342 (-95.28%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (-97.56%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (-91.61%)
Syzkallersyzkaller is an unsupervised coverage-guided kernel fuzzer
Stars: ✭ 3,841 (-46.99%)
NetcatNetCat for Windows
Stars: ✭ 463 (-93.61%)
WinappdbgWinAppDbg Debugger
Stars: ✭ 338 (-95.34%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (-98.72%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (-92.4%)
doraFind exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (-96.84%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (-98.11%)
BugbountyguideBug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Stars: ✭ 338 (-95.34%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (-5.02%)
KeyloggerGet Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
Stars: ✭ 604 (-91.66%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (-60.5%)
VPS-Bug-Bounty-ToolsScript that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (-99.39%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-99.67%)
WPCrackerWordPress pentest tool
Stars: ✭ 34 (-99.53%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-99.03%)
DawsAdvanced Web Shell
Stars: ✭ 551 (-92.4%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (-99.3%)
crackena fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust
Stars: ✭ 192 (-97.35%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (-97.89%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (-97.42%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-96.04%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (-48.73%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-95.43%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-99.41%)
Red-Rabbit-V4The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow
Stars: ✭ 123 (-98.3%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-98.3%)
Ctf Writeups PublicWriteups for infosec Capture the Flag events by team Galaxians
Stars: ✭ 331 (-95.43%)
BillcipherInformation Gathering tool for a Website or IP address
Stars: ✭ 332 (-95.42%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-98.25%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-99.77%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-99.48%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (-47.85%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-95.43%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (-98.84%)
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
Stars: ✭ 17 (-99.77%)