EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+795.1%)
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: ✭ 183 (-10.29%)
Pe LinuxLinux Privilege Escalation Tool By WazeHell
Stars: ✭ 168 (-17.65%)
Jenkins ShellAutomating Jenkins Hacking using Shodan API
Stars: ✭ 84 (-58.82%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-57.35%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+527.94%)
Geo ReconAn OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.
Stars: ✭ 82 (-59.8%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-34.31%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+507.35%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-57.35%)
Awesome Hacking ListsProject transferred to: https://github.com/taielab/awesome-hacking-lists
Stars: ✭ 203 (-0.49%)
Hooksolinux动态链接库的注入修改查找工具 A tool for injection, modification and search of linux dynamic link library
Stars: ✭ 87 (-57.35%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-59.8%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-10.29%)
Dymerge🔓 A dynamic dictionary merger for successful dictionary based attacks.
Stars: ✭ 167 (-18.14%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-34.31%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-60.29%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+501.96%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-34.8%)
DeathstarUses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Stars: ✭ 1,221 (+498.53%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-34.8%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (-18.14%)
IntelspyPerform automated network reconnaissance scans
Stars: ✭ 134 (-34.31%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-59.8%)
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-61.27%)
HoundsploitAn advanced graphical search engine for Exploit-DB
Stars: ✭ 81 (-60.29%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-35.29%)
BlackwormBlack Worm Offical Repo
Stars: ✭ 80 (-60.78%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-18.14%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-61.27%)
Decoder Plus PlusAn extensible application for penetration testers and software developers to decode/encode data into various formats.
Stars: ✭ 79 (-61.27%)
Dark Fantasy Hack ToolDDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking information. Email scraper: To get all emails related to a webpage IMDB Rating: Easy way to access the movie database. Both .exe(compressed as zip) and .py versions are available in files.
Stars: ✭ 131 (-35.78%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+490.69%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (-10.29%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-61.76%)
Blackphish🔱 [ Phishing Made Easy ] 🔱 (In Beta)
Stars: ✭ 133 (-34.8%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-18.63%)
ThreadboatProgram Uses Thread Execution Hijacking To Inject Native Shell-code Into a Standard Win32 Application
Stars: ✭ 132 (-35.29%)
YsfYSF Server Functions
Stars: ✭ 77 (-62.25%)
Griefing MethodsA documentation about how to hack Minecraft servers
Stars: ✭ 76 (-62.75%)
Sniff ProbesPlug-and-play bash script for sniffing 802.11 probes requests 👃
Stars: ✭ 200 (-1.96%)
FacebashFacebook Brute Forcer in shellscript using TOR
Stars: ✭ 195 (-4.41%)
Burp Bounty ProfilesBurp Bounty profiles compilation, feel free to contribute!
Stars: ✭ 76 (-62.75%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+984.8%)
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+482.35%)
Movies For Hackers🎬 A curated list of movies every hacker & cyberpunk must watch.
Stars: ✭ 8,884 (+4254.9%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+783.33%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+485.29%)
SeginfofaqFAQ del mundo de la seguridad informática en español.
Stars: ✭ 73 (-64.22%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-64.22%)
SandmapNmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
Stars: ✭ 1,180 (+478.43%)
Lor Axe🪓 a multi-threaded, low-bandwidth HTTP DOS tool
Stars: ✭ 72 (-64.71%)
PspyMonitor linux processes without root permissions
Stars: ✭ 2,470 (+1110.78%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-35.78%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+475.49%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-65.2%)