M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (+3%)
password-listPassword lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+74%)
Password LeakA library to check for compromised passwords
Stars: ✭ 92 (-8%)
laravel-pwned-passwordsSimple Laravel validation rule that allows you to prevent or limit the re-use of passwords that are known to be pwned (unsafe). Based on TroyHunt's Have I Been Pwned (https://haveibeenpwned.com)
Stars: ✭ 67 (-33%)
Pwned Passwords🔐Go client library for checking values against compromised HIBP Pwned Passwords
Stars: ✭ 81 (-19%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (+52%)
WhalerProgram to reverse Docker images into Dockerfiles
Stars: ✭ 670 (+570%)
Dumb PasswordsDon't let your user be a victim of their own action
Stars: ✭ 77 (-23%)
keevaultKee Vault is a password manager for your web browser. Password databases (Vaults) are encrypted using the KeePass storage format before being sent to a remote server for synchronisation across any modern device/browser
Stars: ✭ 57 (-43%)
SpicypassA light-weight password manager with a focus on simplicity and security
Stars: ✭ 367 (+267%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+501%)
Gg ShieldDetect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Stars: ✭ 708 (+608%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-10%)
Chrome Export PasswordsShow all your chromium passwords in format ready to import in other browser like FireFox
Stars: ✭ 80 (-20%)
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-21%)
Keylogger🔐 Open Source Python Keylogger Collection
Stars: ✭ 97 (-3%)
KatzkatzPython3 script to parse txt files containing Mimikatz output
Stars: ✭ 91 (-9%)
Radio HackboxPoC tool to demonstrate vulnerabilities in wireless input devices
Stars: ✭ 74 (-26%)
Nrf24 PlaysetSoftware tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
Stars: ✭ 73 (-27%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-11%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-27%)
AttacksurfaceanalyzerAttack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
Stars: ✭ 1,341 (+1241%)
Viewfinderjs📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e
Stars: ✭ 1,175 (+1075%)
Bank VaultsA Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.
Stars: ✭ 1,316 (+1216%)
Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (+1129%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-3%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+1119%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-28%)
Awx MigrateTool to migrate AWX to a new instance
Stars: ✭ 89 (-11%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-3%)
NotrulerThe opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
Stars: ✭ 72 (-28%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-13%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+1077%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+1257%)
UrsadbTrigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-28%)
Argon2pwArgon2 password hashing package for go with constant time hash comparison
Stars: ✭ 85 (-15%)
PwnedpasswordsdllOpen source solution to check prospective AD passwords against previously breached passwords
Stars: ✭ 71 (-29%)
SecureloginThis version won't be maintained!
Stars: ✭ 1,259 (+1159%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-17%)
SenvFriends don't let friends leak secrets on their terminal window 🙈
Stars: ✭ 71 (-29%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+1064%)
SliverAdversary Simulation Framework
Stars: ✭ 1,348 (+1248%)
Secretsend a message through a safe, private, and encrypted link that automatically expires to ensure your stuff does not remain online forever.
Stars: ✭ 83 (-17%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-30%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+1144%)
Firepwned🙏 Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API.
Stars: ✭ 69 (-31%)