SilenttrinityAn asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+825.13%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-68.59%)
RmiscoutRMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
Stars: ✭ 296 (+54.97%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-58.64%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-43.98%)
Vipermetasploit-framework 图形界面 / 图形化内网渗透工具
Stars: ✭ 487 (+154.97%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+183.25%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-74.87%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-48.17%)
Powershell Red TeamCollection of PowerShell functions a Red Teamer may use to collect data from a machine
Stars: ✭ 155 (-18.85%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+509.42%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-53.93%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-81.68%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+538.22%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (+0%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+920.42%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-68.06%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-82.2%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-81.15%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+305.76%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-49.21%)
Awesome Malware💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.
Stars: ✭ 108 (-43.46%)
Black WidowGUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124 (-35.08%)
SharpAn anti-ARP-spoofing application software that use active and passive scanning methods to detect and remove any ARP-spoofer from the network.
Stars: ✭ 150 (-21.47%)
StracciatellaOpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
Stars: ✭ 171 (-10.47%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-21.47%)
DiscordcryptEnd-To-End File & Message Encryption For Discord
Stars: ✭ 150 (-21.47%)
Community ThreatsThe GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.
Stars: ✭ 169 (-11.52%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-21.99%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-12.04%)
HackercampEnine boyuna siber güvenlik
Stars: ✭ 149 (-21.99%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1343.98%)
Unwebpack SourcemapExtract uncompiled, uncompressed SPA code from Webpack source maps.
Stars: ✭ 176 (-7.85%)
ZigdiggityA ZigBee hacking toolkit by Bishop Fox
Stars: ✭ 169 (-11.52%)
HyugaHyuga 一个用来记录DNS查询和HTTP请求的监控工具。
Stars: ✭ 148 (-22.51%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-23.04%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-23.56%)
InvokerPenetration testing utility, and antivirus assessment tool.
Stars: ✭ 178 (-6.81%)
Bunkerized Nginx🛡️ Make your web services secure by default !
Stars: ✭ 2,361 (+1136.13%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1006.81%)
Pyiris BackdoorPyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Stars: ✭ 145 (-24.08%)
Rastrea2rCollecting & Hunting for IOCs with gusto and style
Stars: ✭ 169 (-11.52%)
OpenctiAuthors
Stars: ✭ 2,165 (+1033.51%)
Misp DashboardA dashboard for a real-time overview of threat intelligence from MISP instances
Stars: ✭ 142 (-25.65%)
Poet[unmaintained] Post-exploitation tool
Stars: ✭ 184 (-3.66%)
DufflebagSearch exposed EBS volumes for secrets
Stars: ✭ 177 (-7.33%)
ZombieantZombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
Stars: ✭ 169 (-11.52%)
AnsibleplaybooksA collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
Stars: ✭ 143 (-25.13%)
Pwk Oscp Preparation RoadmapRoadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome
Stars: ✭ 142 (-25.65%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-11.52%)
WebpocketExploit management framework
Stars: ✭ 142 (-25.65%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-25.65%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-7.33%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-12.57%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-25.65%)