A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+10.72%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+212.75%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+96.52%)
GoreconGorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal
Stars: ✭ 208 (-39.71%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-69.57%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-64.64%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (-77.97%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-19.42%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-53.04%)
MX1014MX1014 is a flexible, lightweight and fast port scanner.
Stars: ✭ 79 (-77.1%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-58.84%)
sharinganOffensive Security recon tool
Stars: ✭ 88 (-74.49%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+7.25%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+19.71%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+638.55%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+182.32%)
AutoenumAutomatic Service Enumeration Script
Stars: ✭ 134 (-61.16%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-62.32%)
Nwatch🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting
Stars: ✭ 127 (-63.19%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-49.86%)
Recon-XAdvanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-92.17%)
PycurityPython Security Scripts
Stars: ✭ 218 (-36.81%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+47.54%)
Ssh keyscannerssh public host key scanner using shodan
Stars: ✭ 102 (-70.43%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-51.59%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-93.62%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+826.96%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (-21.45%)
Netcat💻 Netcat client and server modules written in pure Javascript for Node.js.
Stars: ✭ 315 (-8.7%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (-21.45%)
ZeronetZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network
Stars: ✭ 17,227 (+4893.33%)
Localradio📻 LocalRadio is "Radio for Cord-Cutters" – a Software-Defined Radio (SDR) app for your Mac and mobile devices. With an inexpensive RTL-SDR USB device, LocalRadio provides a casual, home-based radio listening experience for your favorite local frequencies - FM broadcasts/free music/news/sports/weather/public safety & aviation scanner/etc.
Stars: ✭ 269 (-22.03%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-8.99%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+752.75%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (-22.32%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-4.06%)
WebanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (-9.86%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-22.32%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+805.51%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-10.14%)
I18next ScannerScan your code, extract translation keys/values, and merge them into i18n resource files.
Stars: ✭ 259 (-24.93%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-5.51%)
ApiVulners Python API wrapper
Stars: ✭ 313 (-9.28%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (-24.64%)
Lyncsmashlocate and attack Lync/Skype for Business
Stars: ✭ 258 (-25.22%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (-25.8%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (-0.87%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-25.8%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (-6.09%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+942.32%)
HostingThis is a setup for a Tor based shared web hosting server
Stars: ✭ 254 (-26.38%)
CheckiptoolsCheckIPTools 扫描谷歌IP以及实用IP转换小工具
Stars: ✭ 253 (-26.67%)
FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+1063.19%)
HOUDINIHundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Stars: ✭ 791 (+129.28%)
pascal-interpreterA simple interpreter for a large subset of Pascal language written for educational purposes
Stars: ✭ 21 (-93.91%)
BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (-12.17%)