Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+521.11%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+6091.11%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (+25.56%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (+48.89%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+606.67%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+7546.67%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (+66.67%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (+20%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (+86.67%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (+82.22%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (+647.78%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+653.33%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+80%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (+16.67%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+1098.89%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (+694.44%)
RsfThe Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-15.56%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+652.22%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+708.89%)
CtfsubmitterA flag submitter service with distributed attackers for attack/defense CTF games.
Stars: ✭ 56 (-37.78%)
penelopePenelope Shell Handler
Stars: ✭ 291 (+223.33%)
tmpleakLeak other players' temporary workspaces for ctf and wargames.
Stars: ✭ 76 (-15.56%)
axionA toolkit for CTFs
Stars: ✭ 15 (-83.33%)
Android Pin BruteforceUnlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
Stars: ✭ 217 (+141.11%)
ImageStrikeImageStrike是一款用于CTF中图片隐写的综合利用工具
Stars: ✭ 118 (+31.11%)
Auto-AWD🚩 CTF AWD framework
Stars: ✭ 24 (-73.33%)
TomatoToolsTomatoTools 一款CTF杂项利器,支持36种常见编码和密码算法的加密和解密,31种密文的分析和识别,支持自动提取flag,自定义插件等。
Stars: ✭ 66 (-26.67%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+218.89%)
bentoBento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.
Stars: ✭ 74 (-17.78%)
BerylEnigma一个为渗透测试与CTF而制作的工具集,主要实现一些加解密的功能。
Stars: ✭ 329 (+265.56%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (+14.44%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-57.78%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-75.56%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (+991.11%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-84.44%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-4.44%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-74.44%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+218.89%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (+237.78%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+9287.78%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+294.44%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+5697.78%)
Crypto封装多种CTF和平时常见加密及编码C#类库
Stars: ✭ 20 (-77.78%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+334.44%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+332.22%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+744.44%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+737.78%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+761.11%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+761.11%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+791.11%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+904.44%)
LscriptThe LAZY script will make your life easier, and of course faster.
Stars: ✭ 3,056 (+3295.56%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (+7.78%)