PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+143.68%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+614.21%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+127.37%)
Drv3 Tools(Not actively maintained, use DRV3-Sharp) Tools for extracting and re-injecting files for Danganronpa V3 for PC.
Stars: ✭ 13 (-93.16%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+534.21%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-48.95%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (-3.68%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+165.26%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+136.84%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+190%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+192.63%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+206.84%)
Shotlootera recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc
Stars: ✭ 451 (+137.37%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-44.74%)
DekstereconWeb Application recon automation
Stars: ✭ 109 (-42.63%)
Php Mime Mail ParserA fully tested email parser for PHP 7.2+ (mailparse extension wrapper).
Stars: ✭ 687 (+261.58%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-40.53%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+281.58%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+298.95%)
Valveresourceformat🔬 Valve's Source 2 resource file format parser and decompiler
Stars: ✭ 638 (+235.79%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+307.89%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+707.89%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+929.47%)
GitmonitorOne way to continuously monitor sensitive information that could be exposed on Github
Stars: ✭ 115 (-39.47%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+703.16%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+345.79%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+2893.16%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-40%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-38.95%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+412.63%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+4346.84%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+407.37%)
Github ReconGitHub Recon — and what you can achieve with it!
Stars: ✭ 47 (-75.26%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+464.74%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-85.79%)
Quill Delta ParserA PHP library to parse and render Quill WYSIWYG Deltas into HTML - Flexibel and extendible for custom elements.
Stars: ✭ 63 (-66.84%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120 (-36.84%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-36.32%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-67.89%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-61.58%)
Chaos🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.
Stars: ✭ 1,168 (+514.74%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-58.95%)
ExecutorWatch for file changes and then execute command. Very nice for test driven development.
Stars: ✭ 14 (-92.63%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-55.79%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+557.37%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-54.21%)
Geo ReconAn OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.
Stars: ✭ 82 (-56.84%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+925.79%)
Spectre.cliAn extremely opinionated command-line parser.
Stars: ✭ 121 (-36.32%)
SubrakeA Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
Stars: ✭ 125 (-34.21%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+1347.37%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1084.74%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-46.84%)
GoaltdnsA permutation generation tool written in golang
Stars: ✭ 119 (-37.37%)