ApisecuritybestpracticesResources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
Stars: ✭ 1,745 (+885.88%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+937.85%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-15.82%)
Cli🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Stars: ✭ 2,151 (+1115.25%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-32.2%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-14.12%)
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (+896.61%)
AndroidlibraryAndroid library to reveal or obfuscate strings and assets at runtime
Stars: ✭ 162 (-8.47%)
Burp ExporterExporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.
Stars: ✭ 122 (-31.07%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-17.51%)
Netsec Ps ScriptsCollection of PowerShell network security scripts for system administrators.
Stars: ✭ 139 (-21.47%)
SojoboA binary analysis framework
Stars: ✭ 116 (-34.46%)
DnsbinThe request.bin of DNS request
Stars: ✭ 157 (-11.3%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+930.51%)
Rastrea2rCollecting & Hunting for IOCs with gusto and style
Stars: ✭ 169 (-4.52%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-24.86%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-15.25%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-26.55%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-2.26%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-29.94%)
HyugaHyuga 一个用来记录DNS查询和HTTP请求的监控工具。
Stars: ✭ 148 (-16.38%)
Privacy RespectingCurated List of Privacy Respecting Services and Software
Stars: ✭ 1,663 (+839.55%)
Web ShellsSome of the best web shells that you might need!
Stars: ✭ 162 (-8.47%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-34.46%)
AnsibleplaybooksA collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
Stars: ✭ 143 (-19.21%)
ConsolemeA Central Control Plane for AWS Permissions and Access
Stars: ✭ 2,631 (+1386.44%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-34.46%)
ExeinExein core for Linux based firmware
Stars: ✭ 158 (-10.73%)
Personal Security Checklist🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021
Stars: ✭ 2,388 (+1249.15%)
ZigdiggityA ZigBee hacking toolkit by Bishop Fox
Stars: ✭ 169 (-4.52%)
Clr MeterpreterThe full story of the CLR implementation of Meterpreter
Stars: ✭ 137 (-22.6%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-11.86%)
EncpipeThe dum^H^H^Hsimplest encryption tool in the world.
Stars: ✭ 135 (-23.73%)
Antiddos System🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!
Stars: ✭ 173 (-2.26%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+989.27%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-14.69%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-24.29%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-7.34%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1150.28%)
DiscordcryptEnd-To-End File & Message Encryption For Discord
Stars: ✭ 150 (-15.25%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-27.68%)
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+1244.07%)
SilenttrinityAn asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+898.31%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-31.07%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-8.47%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-16.95%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-32.2%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-3.39%)
Cloud Discovery Cloud Discovery provides a point in time enumeration of all the cloud native platform services
Stars: ✭ 119 (-32.77%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1094.35%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+1418.08%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-8.47%)
WebpocketExploit management framework
Stars: ✭ 142 (-19.77%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+0%)
Dnxfirewalldnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.
Stars: ✭ 174 (-1.69%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-5.08%)
NebulousadNebulousAD automated credential auditing tool.
Stars: ✭ 158 (-10.73%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-19.77%)