BruteSploitBruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
Stars: ✭ 26 (-71.11%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-24.44%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+3667.78%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-75.56%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+454.44%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+264.44%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (+257.78%)
Vulnhub Ctf WriteupsThis cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Stars: ✭ 368 (+308.89%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+257.78%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+323.33%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+4524.44%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-84.44%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+350%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+1264.44%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+347.78%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+400%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+1308.89%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+426.67%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+460%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-1.11%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-26.67%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+345.56%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-24.44%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+446.67%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+6866.67%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+474.44%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+218.89%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+6091.11%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+517.78%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1162.22%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+521.11%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+6111.11%)
Libc DatabaseBuild a database of libc offsets to simplify exploitation
Stars: ✭ 1,122 (+1146.67%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+606.67%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+7546.67%)
Weblogger针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具
Stars: ✭ 547 (+507.78%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (+647.78%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-12.22%)
CtfcracktoolsChina's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
Stars: ✭ 1,118 (+1142.22%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (+694.44%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (-31.11%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+652.22%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-5.56%)
Oscp Ctfoscp-ctf is a small collection of basic Bash scripts that make life easier and save time whether you are in the OSCP labs, HackThebox or playing around with CTFs.
Stars: ✭ 62 (-31.11%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+705.56%)
NullctfA Discord bot that provides ctf tools for collaboration in Discord servers!
Stars: ✭ 78 (-13.33%)
Name That Hash🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥
Stars: ✭ 540 (+500%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+653.33%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+708.89%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+737.78%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+744.44%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+793.33%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+761.11%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+791.11%)