DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+2010.81%)
DomainfuzzDomain name permutation engine for detecting typo squatting, phishing and corporate espionage
Stars: ✭ 74 (-50%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-46.62%)
TigersharkBilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.
Stars: ✭ 212 (+43.24%)
StalkphishStalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+72.97%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+138.51%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+220.27%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1328.38%)
HarpoonCLI tool for open source and threat intelligence
Stars: ✭ 679 (+358.78%)
MispMISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+2254.73%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+116.22%)
Threatbus🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-6.08%)
ThreatingestorExtract and aggregate threat intelligence.
Stars: ✭ 439 (+196.62%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+4550%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+4795.95%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+510.81%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+416.22%)
SootyThe SOC Analysts all-in-one CLI tool to automate and speed up workflow.
Stars: ✭ 867 (+485.81%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+549.32%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-57.43%)
Ioc2rpzioc2rpz is a place where threat intelligence meets DNS.
Stars: ✭ 67 (-54.73%)
Misp DashboardA dashboard for a real-time overview of threat intelligence from MISP instances
Stars: ✭ 142 (-4.05%)
1hostsDNS filter-/blocklists | safe. private. clean. browsing!
Stars: ✭ 85 (-42.57%)
Python IocextractDefanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+102.7%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (+102.7%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+117.57%)
Phishing.databasePhishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.
Stars: ✭ 296 (+100%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+3208.78%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+204.05%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+246.62%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+100.68%)
HabuHacking Toolkit
Stars: ✭ 635 (+329.05%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+357.43%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (+260.14%)
SysmontoolsUtilities for Sysmon
Stars: ✭ 903 (+510.14%)
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+458.11%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+496.62%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+2191.22%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-10.81%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+645.27%)
Malware FeedBringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-53.38%)
Otx mispImports Alienvault OTX pulses to a MISP instance
Stars: ✭ 45 (-69.59%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+750.68%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-39.86%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-41.89%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-12.16%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-74.32%)
Python WhoisPython module/library for retrieving WHOIS information of domains 💻❤
Stars: ✭ 128 (-13.51%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-30.41%)
BassBass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"
Stars: ✭ 104 (-29.73%)
Analyzer🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-27.03%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-36.49%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-27.7%)
Mitm Scripts🔄 A collection of mitmproxy inline scripts
Stars: ✭ 109 (-26.35%)
Msploitego Pentesting suite for Maltego based on data in a Metasploit database
Stars: ✭ 124 (-16.22%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (+79.05%)