DirsearchWeb path scanner
Stars: ✭ 7,246 (+7608.51%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+2359.57%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+34909.57%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1840.43%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+3029.79%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1951.06%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+724.47%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+77.66%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-76.6%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (+181.91%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-8.51%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-5.32%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-71.28%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-62.77%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-70.21%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+3626.6%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+215.96%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+306.38%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (+223.4%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+275.53%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+328.72%)
Easy hackHack the World using Termux
Stars: ✭ 549 (+484.04%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+1239.36%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+708.51%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-81.91%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (+88.3%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+26.6%)
LuciferA Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Stars: ✭ 302 (+221.28%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-46.81%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-35.11%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-75.53%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-17.02%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+3507.45%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (+219.15%)
LegionAutomatic Enumeration Tool based in Open Source tools
Stars: ✭ 280 (+197.87%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+242.55%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+186.17%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (+176.6%)
HabuHacking Toolkit
Stars: ✭ 635 (+575.53%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+715.96%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+722.34%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+404.26%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+5846.81%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+5109.57%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+620.21%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+712.77%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+379.79%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+861.7%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+813.83%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+922.34%)
AtscanAdvanced dork Search & Mass Exploit Scanner
Stars: ✭ 817 (+769.15%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+839.36%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-59.57%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-73.4%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-18.09%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+378.72%)