SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-28.8%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-29.84%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-29.84%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1343.98%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-7.33%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-13.09%)
EvasorA tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
Stars: ✭ 134 (-29.84%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-30.89%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-13.09%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-30.37%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+790.05%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-30.89%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1058.64%)
PspyMonitor linux processes without root permissions
Stars: ✭ 2,470 (+1193.19%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+843.46%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-1.57%)
Poet[unmaintained] Post-exploitation tool
Stars: ✭ 184 (-3.66%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-31.41%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (-14.66%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1078.53%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-31.94%)
Xerrorfully automated pentesting tool
Stars: ✭ 173 (-9.42%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-32.98%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-15.18%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+801.57%)
Msf AuxiliarysMy collection of metasploit auxiliary post-modules
Stars: ✭ 183 (-4.19%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1858.64%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-32.98%)
PandasniperLinux C2 框架demo,为期2周的”黑客编程马拉松“,从学习编程语言开始到实现一个demo的产物
Stars: ✭ 159 (-16.75%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-34.03%)
Slack WatchmanMonitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-16.75%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-34.03%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-33.51%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-17.8%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-34.55%)
SilenttrinityAn asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+825.13%)
Stegseek⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️
Stars: ✭ 187 (-2.09%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-2.09%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (-4.19%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (-9.42%)
Firecrack🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Stars: ✭ 157 (-17.8%)
SubrakeA Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
Stars: ✭ 125 (-34.55%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-18.32%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-36.13%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+799.48%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-9.95%)
Powershell Red TeamCollection of PowerShell functions a Red Teamer may use to collect data from a machine
Stars: ✭ 155 (-18.85%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-36.65%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-37.17%)
Web2attackWeb hacking framework with tools, exploits by python
Stars: ✭ 152 (-20.42%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+781.68%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+920.42%)