Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (-38.09%)
DronesploitDrone pentesting framework console
Stars: ✭ 473 (-39.75%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (-19.36%)
GobyAttack surface mapping
Stars: ✭ 446 (-43.18%)
AutosploitAutomated Mass Exploiter
Stars: ✭ 4,500 (+473.25%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (-5.86%)
Gg ShieldDetect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Stars: ✭ 708 (-9.81%)
HabuHacking Toolkit
Stars: ✭ 635 (-19.11%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+523.82%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (-40.89%)
Awesome Test AutomationA curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com
Stars: ✭ 4,712 (+500.25%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (-9.94%)
Security ListPenetrum LLC opensource security tool list.
Stars: ✭ 619 (-21.15%)
ThreatingestorExtract and aggregate threat intelligence.
Stars: ✭ 439 (-44.08%)
SpoofcheckSimple script that checks a domain for email protections
Stars: ✭ 437 (-44.33%)
Embaemba - An analyzer for Linux-based firmware of embedded devices.
Stars: ✭ 607 (-22.68%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (-44.46%)
Cookie crimesRead local Chrome cookies without root or decrypting
Stars: ✭ 434 (-44.71%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (-2.29%)
BluespawnAn Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (-6.11%)
HardeningHardening Ubuntu. Systemd edition.
Stars: ✭ 705 (-10.19%)
Articles Translator📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (-22.8%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-44.59%)
GosecGolang security checker
Stars: ✭ 5,694 (+625.35%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (-23.31%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-45.61%)
R0akr0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
Stars: ✭ 698 (-11.08%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (-23.44%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-45.99%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (-24.08%)
ChroniclePublic append-only ledger microservice built with Slim Framework
Stars: ✭ 429 (-45.35%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (-46.11%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+612.1%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (-46.11%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-46.62%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+609.81%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (-47.01%)
EyeballerConvolutional neural network for analyzing pentest screenshots
Stars: ✭ 416 (-47.01%)
ServerscanServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Stars: ✭ 674 (-14.14%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (-47.26%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-47.39%)
PlutusAn automated bitcoin wallet collider that brute forces random wallet addresses
Stars: ✭ 404 (-48.54%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-48.41%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-1.27%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (-3.18%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+700.13%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+823.06%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (-28.28%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (-48.79%)
TelemetrysourcererEnumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (-49.04%)
Anti Ddos🔒 Anti DDOS | Bash Script Project 🔒
Stars: ✭ 561 (-28.54%)
AdhritAndroid Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (-49.17%)
HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (-49.3%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (-49.55%)