toolsTools used for Penetration testing / Red Teaming
Stars: ✭ 63 (-67.53%)
DevBrute-A Password Brute ForcerDevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: ✭ 91 (-53.09%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-35.05%)
filter-var-sqliBypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
Stars: ✭ 29 (-85.05%)
WPA2-FritzBox-Pswd-Wordlist-GeneratorThis Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.
Stars: ✭ 22 (-88.66%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-88.14%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-72.68%)
pentest-toolsGeneral stuff for pentesting - password cracking, phishing, automation, Kali, etc.
Stars: ✭ 52 (-73.2%)
brutekragPenetration tests on SSH servers using brute force or dictionary attacks. Written in Python.
Stars: ✭ 30 (-84.54%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-89.18%)
xecaPowerShell payload generator
Stars: ✭ 103 (-46.91%)
clairvoyanceObtain GraphQL API Schema even if the introspection is not enabled
Stars: ✭ 448 (+130.93%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-90.21%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (-29.38%)
GoPhish-TemplatesGoPhish Templates that I have retired and/or templates I've recreated.
Stars: ✭ 76 (-60.82%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-87.11%)
sshamebrute force SSH public-key authentication
Stars: ✭ 43 (-77.84%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-26.8%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (+34.02%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+46.91%)
AntiEye:.IP webcam penetration test suit.:
Stars: ✭ 21 (-89.18%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-93.3%)
DNSExplorerBash script that automates the enumeration of domains and DNS servers in the active information gathering.
Stars: ✭ 33 (-82.99%)
lavaMicrosoft Azure Exploitation Framework
Stars: ✭ 46 (-76.29%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-60.31%)
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Stars: ✭ 109 (-43.81%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-70.1%)
c2A simple, extensible C&C beaconing system.
Stars: ✭ 93 (-52.06%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-64.43%)
metagoofilSearch Google and download specific file types
Stars: ✭ 174 (-10.31%)
pyhtoolsA Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.
Stars: ✭ 166 (-14.43%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+7.22%)
mec-ngpentest toolbox
Stars: ✭ 28 (-85.57%)
Dark-PhishDark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.
Stars: ✭ 57 (-70.62%)
xmlrpc-bruteforcerAn XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)
Stars: ✭ 62 (-68.04%)
peniotPENIOT: Penetration Testing Tool for IoT
Stars: ✭ 164 (-15.46%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-76.8%)
hathiA dictionary attack tool for PostgreSQL and MSSQL
Stars: ✭ 33 (-82.99%)
huntkitDocker - Ubuntu with a bunch of PenTesting tools and wordlists
Stars: ✭ 51 (-73.71%)
frisbeeCollect email addresses by crawling search engine results.
Stars: ✭ 29 (-85.05%)
peneworkPenetration Test Framwork
Stars: ✭ 24 (-87.63%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (-27.84%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-92.27%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+51.55%)
warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Stars: ✭ 53 (-72.68%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-82.99%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (-50.52%)
WPCrackerWordPress pentest tool
Stars: ✭ 34 (-82.47%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (-42.78%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-84.54%)
pentesting-notesNotes from OSCP, CTF, security adventures, etc...
Stars: ✭ 38 (-80.41%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (-73.71%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (-8.76%)
webreconAutomated Web Recon Shell Scripts
Stars: ✭ 48 (-75.26%)