ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+312.22%)
ArcanusARCANUS is a customized payload generator/handler.
Stars: ✭ 130 (-27.78%)
RobustpentestmacroThis is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.
Stars: ✭ 95 (-47.22%)
MsfpcMSFvenom Payload Creator (MSFPC)
Stars: ✭ 808 (+348.89%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1353.89%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (+276.67%)
Cve 2019 0604cve-2019-0604 SharePoint RCE exploit
Stars: ✭ 91 (-49.44%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+3723.33%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+964.44%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+258.33%)
Trackray溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Stars: ✭ 1,295 (+619.44%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+245%)
KaitenA Undetectable Payload Generation
Stars: ✭ 169 (-6.11%)
Pentest EnvPentest environment deployer (kali linux + targets) using vagrant and chef.
Stars: ✭ 610 (+238.89%)
ImgbackdoorHide your payload into .jpg file
Stars: ✭ 87 (-51.67%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (+225.56%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+591.11%)
PyrdpRDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Stars: ✭ 567 (+215%)
StitchPython Remote Administration Tool (RAT)
Stars: ✭ 2,018 (+1021.11%)
UefiFast and lightweight yet another UEFI implementation
Stars: ✭ 79 (-56.11%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+346.67%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-28.33%)
HerculesHERCULES is a special payload generator that can bypass antivirus softwares.
Stars: ✭ 526 (+192.22%)
Burp Bounty ProfilesBurp Bounty profiles compilation, feel free to contribute!
Stars: ✭ 76 (-57.78%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-26.11%)
KratosknifeKratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc
Stars: ✭ 97 (-46.11%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+342.22%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+163.33%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+553.33%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+157.22%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-30%)
Chaos🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.
Stars: ✭ 1,168 (+548.89%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+145.56%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-20%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+140%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+544.44%)
Wahh extrasThe Web Application Hacker's Handbook - Extra Content
Stars: ✭ 428 (+137.78%)
Nraynray distributed port scanner
Stars: ✭ 125 (-30.56%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+134.44%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+528.89%)
PwndocPentest Report Generator
Stars: ✭ 417 (+131.67%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-8.89%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-68.89%)
PurplecloudAn Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
Stars: ✭ 122 (-32.22%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+4206.67%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+646.67%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+331.11%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+3642.78%)
SkaSimple Karma Attack
Stars: ✭ 55 (-69.44%)
HackapkAn Advanced Tool For Complete Apk-Modding In Termux ...
Stars: ✭ 180 (+0%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-3.33%)