In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-96.62%)
Netstalking CatalogueКаталог нетсталкерских ресурсов, команд, инструментов, источников контента.
Stars: ✭ 134 (-94.74%)
InstaloctrackAn Instagram OSINT tool to collect all the geotagged locations available on an Instagram profile in order to plot them on a map, and dump them in a JSON.
Stars: ✭ 85 (-96.66%)
AmsiscannerA C/C++ implementation of Microsoft's Antimalware Scan Interface
Stars: ✭ 134 (-94.74%)
CheckDevelopment environment for Meedan Check, a collaborative media annotation platform
Stars: ✭ 84 (-96.7%)
HydrafwHydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing
Stars: ✭ 165 (-93.52%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-94.74%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (-51.37%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-94.78%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-96.78%)
PacuThe AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Stars: ✭ 2,451 (-3.81%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-96.78%)
Digital Privacy一个关于数字隐私搜集、保护、清理集一体的方案,外加开源信息收集(OSINT)对抗
Stars: ✭ 1,231 (-51.69%)
LockphishLockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.
Stars: ✭ 186 (-92.7%)
HoundsploitAn advanced graphical search engine for Exploit-DB
Stars: ✭ 81 (-96.82%)
Twitter IntelligenceTwitter Intelligence OSINT project performs tracking and analysis of the Twitter
Stars: ✭ 179 (-92.97%)
Ip AttackAuto IP or Domain Attack Tool ( #1 )
Stars: ✭ 162 (-93.64%)
SeekerAccurately Locate Smartphones using Social Engineering
Stars: ✭ 2,772 (+8.79%)
GitmadMonitor, Alert, and Discover sensitive info and data leakage on Github.
Stars: ✭ 81 (-96.82%)
TwitworkMonitor twitter stream
Stars: ✭ 133 (-94.78%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-96.9%)
Unfollow PlusAutomated Instagram Unfollower Bot
Stars: ✭ 79 (-96.9%)
Red hawkAll in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
Stars: ✭ 1,898 (-25.51%)
PoopakPOOPAK - TOR Hidden Service Crawler
Stars: ✭ 78 (-96.94%)
WinpayloadsUndetectable Windows Payload Generation
Stars: ✭ 1,211 (-52.47%)
HackapkAn Advanced Tool For Complete Apk-Modding In Termux ...
Stars: ✭ 180 (-92.94%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-93.56%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (-29.28%)
InstaburstBrute force Instagram
Stars: ✭ 76 (-97.02%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-94.86%)
RsfThe Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-97.02%)
BucketlistAmazon S3 bucket spelunking!
Stars: ✭ 72 (-97.17%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-97.17%)
Userrecon PyUsername recognition on various websites.
Stars: ✭ 131 (-94.86%)
Shad0wA post exploitation framework designed to operate covertly on heavily monitored environments
Stars: ✭ 1,166 (-54.24%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (-54.32%)
Security ScriptsA collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
Stars: ✭ 188 (-92.62%)
Adversarial Robustness ToolboxAdversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
Stars: ✭ 2,638 (+3.53%)
Venmo DataVenmo trasaction dataset for data analysis/visualization/anything
Stars: ✭ 164 (-93.56%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-94.86%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-97.25%)
WpintelChrome extension designed for WordPress Vulnerability Scanning and information gathering!
Stars: ✭ 70 (-97.25%)
InstatrackConvert Instagram user ID to username & vice versa
Stars: ✭ 70 (-97.25%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (-24.8%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-97.33%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-93.64%)
Awesome Internet ScanningA curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.
Stars: ✭ 130 (-94.9%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (-55.42%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (-55.57%)