Keylogger🔐 Open Source Python Keylogger Collection
Stars: ✭ 97 (-60.57%)
CyphonOpen source incident management and response platform.
Stars: ✭ 543 (+120.73%)
ContainersshContainerSSH: Launch containers on demand
Stars: ✭ 195 (-20.73%)
SkyarkSkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Stars: ✭ 526 (+113.82%)
AttacksurfaceanalyzerAttack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
Stars: ✭ 1,341 (+445.12%)
Npq🎖safely* install packages with npm or yarn by auditing them as part of your install process
Stars: ✭ 513 (+108.54%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-39.02%)
Cheetaha very fast brute force webshell password tool
Stars: ✭ 509 (+106.91%)
CobraSource Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+1039.02%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+102.85%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (-61.38%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+97.56%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-39.43%)
GobyAttack surface mapping
Stars: ✭ 446 (+81.3%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (-62.2%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+1890.65%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-22.76%)
Awesome Test AutomationA curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com
Stars: ✭ 4,712 (+1815.45%)
Password LeakA library to check for compromised passwords
Stars: ✭ 92 (-62.6%)
ThreatingestorExtract and aggregate threat intelligence.
Stars: ✭ 439 (+78.46%)
HyugaHyuga 一个用来记录DNS查询和HTTP请求的监控工具。
Stars: ✭ 148 (-39.84%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (+77.24%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-64.63%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+76.83%)
Honggfuzz RsFuzz your Rust code with Google-developed Honggfuzz !
Stars: ✭ 222 (-9.76%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+73.58%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-66.26%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (+73.98%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-40.65%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+73.58%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+405.69%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+71.95%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: ✭ 191 (-22.36%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+69.11%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-66.67%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+68.29%)
AnsibleplaybooksA collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
Stars: ✭ 143 (-41.87%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+64.63%)
Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (+399.59%)
TelemetrysourcererEnumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (+62.6%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-13.41%)
HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (+61.79%)
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-67.89%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+1474.39%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-42.28%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+56.5%)
Radio HackboxPoC tool to demonstrate vulnerabilities in wireless input devices
Stars: ✭ 74 (-69.92%)
Envizonnetwork visualization & vulnerability management/reporting
Stars: ✭ 382 (+55.28%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-22.36%)
BrutedetGeneralized proof of concept tool which can be used for drop-in bruteforce protection when needed.
Stars: ✭ 5 (-97.97%)
Nrf24 PlaysetSoftware tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
Stars: ✭ 73 (-70.33%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1297.97%)
StrongboxA secret manager for AWS
Stars: ✭ 243 (-1.22%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-3.66%)
FingerprinterCMS/LMS/Library etc Versions Fingerprinter
Stars: ✭ 227 (-7.72%)
SksSecurity Knowledge Structure(安全知识汇总)
Stars: ✭ 205 (-16.67%)
Rastrea2rCollecting & Hunting for IOCs with gusto and style
Stars: ✭ 169 (-31.3%)