Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-23.57%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-31.21%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-82.17%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+105.1%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+393.63%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+155.41%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+71.34%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+729.94%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (+351.59%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1372.61%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+386.62%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+475.8%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+587.26%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+392.36%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (+6.37%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+1894.27%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+361.78%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+623.57%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-43.31%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-4.46%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+1063.06%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-8.28%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-14.65%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+972.61%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-14.65%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1141.4%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-4.46%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-26.75%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-14.65%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (-26.11%)
WynisAudit Windows Security with best Practice
Stars: ✭ 116 (-26.11%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-15.92%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-26.11%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+871.97%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (+1171.97%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-15.29%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (-27.39%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-27.39%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+982.8%)
EspkeyWiegand data logger, replay device and micro door-controller
Stars: ✭ 114 (-27.39%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-3.18%)
DirmapAn advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
Stars: ✭ 2,127 (+1254.78%)
GitmailsAn information gathering tool to collect git commit emails in version control host services
Stars: ✭ 142 (-9.55%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-27.39%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-27.39%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+991.08%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1309.55%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+1145.86%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-28.03%)
Gcp AuditA tool for auditing security properties of GCP projects.
Stars: ✭ 140 (-10.83%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+1047.77%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-28.66%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-16.56%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+877.71%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-29.3%)