Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+817.19%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (+429.69%)
BrutemapLet's find someone's account
Stars: ✭ 113 (-11.72%)
Awesome HackingA collection of various awesome lists for hackers, pentesters and security researchers
Stars: ✭ 48,038 (+37429.69%)
Instabruteforcehacking-tool termux-tools termux noob-friendly instagram-bot bruteforce-password-cracker wordlist-technique
Stars: ✭ 86 (-32.81%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-68.75%)
Chaos🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.
Stars: ✭ 1,168 (+812.5%)
Redteam vul红队作战中比较常遇到的一些重点系统漏洞整理。
Stars: ✭ 1,271 (+892.97%)
Arpspoof arpspoof for macOS - intercept packets on a switched LAN
Stars: ✭ 40 (-68.75%)
NsablocklistHOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server
Stars: ✭ 630 (+392.19%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-46.87%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (+379.69%)
Dark FbHack Facebook
Stars: ✭ 98 (-23.44%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+374.22%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-46.87%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+373.44%)
VirtualsecconsAn ongoing list of virtual cybersecurity conferences.
Stars: ✭ 113 (-11.72%)
CharlatanoProves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems
Stars: ✭ 599 (+367.97%)
Fail2ban.webexploitsThis custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.
Stars: ✭ 67 (-47.66%)
Ios Debug Hacks🎯 Advanced debugging skills used in the iOS project development process, involves the dynamic debugging, static analysis and decompile of third-party libraries. iOS 项目开发过程中用到的高级调试技巧,涉及三方库动态调试、静态分析和反编译等领域
Stars: ✭ 595 (+364.84%)
Aura BotnetA super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.
Stars: ✭ 95 (-25.78%)
ThefatratThefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (+4543.75%)
B1tifissh management tool to provides commandline access to a remote system running SSH server
Stars: ✭ 65 (-49.22%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1422.66%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+336.72%)
XshockXSHOCK Shellshock Exploit
Stars: ✭ 65 (-49.22%)
Oscp AutomationA collection of personal scripts used in hacking excercises.
Stars: ✭ 118 (-7.81%)
The Book Of Secret KnowledgeA collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Stars: ✭ 55,582 (+43323.44%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-30.47%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (+675%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+25610.16%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+784.38%)
Impulse💣 Impulse Denial-of-service ToolKit
Stars: ✭ 538 (+320.31%)
TweetshellMulti-thread Twitter BruteForcer in Shell Script
Stars: ✭ 112 (-12.5%)
Name That Hash🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥
Stars: ✭ 540 (+321.88%)
Attack Surface Detector BurpThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 63 (-50.78%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (+316.41%)
NeedleThe iOS Security Testing Framework
Stars: ✭ 1,122 (+776.56%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-3.91%)
Saint👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]
Stars: ✭ 522 (+307.81%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-25%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+303.91%)
RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
Stars: ✭ 1,109 (+766.41%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+660.94%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-30.47%)
Swift KeyloggerKeylogger for mac written in Swift using HID
Stars: ✭ 995 (+677.34%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-69.53%)
AnsvifA Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-16.41%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-30.47%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-70.31%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-32.03%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (+667.97%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+660.94%)