KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-80.63%)
Recon-XAdvanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-96.96%)
MylgNetwork Diagnostic Tool
Stars: ✭ 2,538 (+185.81%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-96.06%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-41.78%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (-52.48%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-60.25%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-80.97%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+287.27%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-54.39%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-51.91%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-3.27%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+851.46%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+21.73%)
Nmap Nse InfoBrowse and search through nmap's NSE scripts.
Stars: ✭ 54 (-93.92%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-92.57%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+16.22%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+46.73%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-89.98%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (-49.21%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-86.26%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+93.47%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-85.36%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-86.37%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-83.11%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-83.78%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-81.19%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-69.82%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (-56.31%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-49.32%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+451.46%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (-32.21%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (-15.09%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (-32.32%)
Koa HelmetImportant security headers for koa
Stars: ✭ 595 (-33%)
PasscoreA self-service password management tool for Active Directory
Stars: ✭ 787 (-11.37%)
NewcrawlerFree Web Scraping Tool with Java
Stars: ✭ 589 (-33.67%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-18.36%)
TorbotDark Web OSINT Tool
Stars: ✭ 821 (-7.55%)
PompemFind exploit tool
Stars: ✭ 786 (-11.49%)
DouyinAPI of DouYin for Humans used to Crawl Popular Videos and Musics
Stars: ✭ 580 (-34.68%)
NetdiscoveryNetDiscovery 是一款基于 Vert.x、RxJava 2 等框架实现的通用爬虫框架/中间件。
Stars: ✭ 573 (-35.47%)
FilemastaA search application to explore, discover and share online files
Stars: ✭ 571 (-35.7%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (-19.48%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (-36.49%)
FessFess is very powerful and easily deployable Enterprise Search Server.
Stars: ✭ 561 (-36.82%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-11.49%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (-20.16%)
Xxl CrawlerA distributed web crawler framework.(分布式爬虫框架XXL-CRAWLER)
Stars: ✭ 561 (-36.82%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-37.39%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (-37.05%)
Wechatsogou基于搜狗微信搜索的微信公众号爬虫接口
Stars: ✭ 5,220 (+487.84%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (-6.19%)
GospiderGospider - Fast web spider written in Go
Stars: ✭ 785 (-11.6%)