SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (-9.92%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (-37.63%)
Pass RotateA tool and library for rotating your password on online services
Stars: ✭ 610 (-21.39%)
DarthsidiousBuilding an Active Directory domain and hacking it
Stars: ✭ 479 (-38.27%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-38.92%)
DotdotpwnDotDotPwn - The Directory Traversal Fuzzer
Stars: ✭ 601 (-22.55%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (-12.63%)
NfcgateAn NFC research toolkit application for Android
Stars: ✭ 425 (-45.23%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-40.34%)
Wpa2 WordlistsA collection of wordlists dictionaries for password cracking
Stars: ✭ 597 (-23.07%)
WhalerProgram to reverse Docker images into Dockerfiles
Stars: ✭ 670 (-13.66%)
Skf FlaskSecurity Knowledge Framework (SKF) Python Flask / Angular project
Stars: ✭ 573 (-26.16%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-46.01%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-42.01%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+620.36%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+833.76%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-44.97%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (-45.88%)
GofaasA boilerplate Go and AWS Lambda app. Demonstrates an expert configuration of 10+ AWS services to support running Go functions-as-a-service (FaaS).
Stars: ✭ 731 (-5.8%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (-46.39%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-27.06%)
Thc Ipv6IPv6 attack toolkit
Stars: ✭ 673 (-13.27%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-46.78%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (-26.93%)
PoweropsPowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
Stars: ✭ 412 (-46.91%)
Serverless ExpressRun Node.js web applications and APIs using existing application frameworks on AWS #serverless technologies such as Lambda, API Gateway, Lambda@Edge, and ALB.
Stars: ✭ 4,265 (+449.61%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-28.35%)
SambambaTools for working with SAM/BAM data
Stars: ✭ 409 (-47.29%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (-0.13%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (-2.06%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-6.57%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (-13.27%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+665.85%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-48.07%)
Advisory DbSecurity advisory database for Rust crates published through crates.io
Stars: ✭ 396 (-48.97%)
Easy hackHack the World using Termux
Stars: ✭ 549 (-29.25%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (-48.97%)
GhostwriterThe SpecterOps project management and reporting engine
Stars: ✭ 394 (-49.23%)
SqliscannerAutomatic SQL injection with Charles and sqlmap api
Stars: ✭ 674 (-13.14%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+4140.85%)
Pentesterspecialdict渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker
Stars: ✭ 391 (-49.61%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-49.48%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (-30.15%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (-49.61%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-49.87%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (-7.86%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-16.88%)
GofetchGoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
Stars: ✭ 543 (-30.03%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (-50.13%)
AclightA script for advanced discovery of Privileged Accounts - includes Shadow Admins
Stars: ✭ 536 (-30.93%)
Fwanalyzera tool to analyze filesystem images for security
Stars: ✭ 382 (-50.77%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-51.29%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-31.31%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+436.34%)
HtslibC library for high-throughput sequencing data formats
Stars: ✭ 529 (-31.83%)
ChromepassChromepass - Hacking Chrome Saved Passwords
Stars: ✭ 364 (-53.09%)