EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (-45.55%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-17.94%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-45.42%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-90.97%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-79.1%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-75.48%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (-45.42%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+137.03%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+119.35%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-83.87%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-46.71%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-81.42%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-45.29%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+275.61%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-44.26%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-78.19%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-78.97%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+68.13%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-75.1%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-72.39%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-41.94%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-73.94%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-74.32%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-62.97%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+379.35%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (-39.87%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (-84.39%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-95.61%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-95.1%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-96.77%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-95.23%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-86.19%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-94.45%)
SimpleKeyloggerSimple Keylogger with smtp to send emails on your account using python works on linux and Windows
Stars: ✭ 32 (-95.87%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-72.52%)
offensive-docker-vpsCreate a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Stars: ✭ 66 (-91.48%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-66.97%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (-6.06%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-93.81%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (-64.9%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-35.48%)
Zbn安全编排与自动化响应平台
Stars: ✭ 201 (-74.06%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-95.48%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-65.29%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-30.19%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-58.45%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-55.35%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-57.29%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-54.19%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-57.68%)
KatanaA Python Tool For google Hacking
Stars: ✭ 355 (-54.19%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+666.84%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-52.65%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (-27.35%)