MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (+3.95%)
365-Stealer365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.
Stars: ✭ 200 (+163.16%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (+26.32%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (+125%)
Dark-PhishDark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.
Stars: ✭ 57 (-25%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+402.63%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+43201.32%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (+11.84%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-69.74%)
goblin一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+1010.53%)
TigersharkBilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.
Stars: ✭ 212 (+178.95%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+7719.74%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (+223.68%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+790.79%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-10.53%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-36.84%)
SerpentineC++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
Stars: ✭ 216 (+184.21%)
GophishOpen-Source Phishing Toolkit
Stars: ✭ 6,435 (+8367.11%)
DnsmorphDomain name permutation engine written in Go
Stars: ✭ 148 (+94.74%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-55.26%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (+26.32%)
PwnedPasswordsCheckerSearch (offline) if your password (NTLM or SHA1 format) has been leaked (HIBP passwords list v8)
Stars: ✭ 52 (-31.58%)
hathiA dictionary attack tool for PostgreSQL and MSSQL
Stars: ✭ 33 (-56.58%)
uberduckyWireless USB Rubber Ducky triggered via BLE (make your Ubertooth quack!)
Stars: ✭ 80 (+5.26%)
BlueTeam.LabBlue Team detection lab created with Terraform and Ansible in Azure.
Stars: ✭ 82 (+7.89%)
xecaPowerShell payload generator
Stars: ✭ 103 (+35.53%)
AzureCLI-ExtractorA tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.
Stars: ✭ 43 (-43.42%)
Blackeye-for-WindowsThis is a Phishing tool. Phishing is a type of hacking also called credential harvesting. It creates fake websites for victims to login which saves their login info which includes IP, User-Agent, Username and Password to a file in the computer running Blackeye. This tool has been there for Linux and even Android via Termux. I converted it to Win…
Stars: ✭ 38 (-50%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+86.84%)
lavaMicrosoft Azure Exploitation Framework
Stars: ✭ 46 (-39.47%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-21.05%)
phishEyephishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.
Stars: ✭ 47 (-38.16%)
wifimitmWi-Fi Machine-in-the-Middle: Automation of MitM Attack on Wi-Fi Networks
Stars: ✭ 49 (-35.53%)
frisbeeCollect email addresses by crawling search engine results.
Stars: ✭ 29 (-61.84%)
SSI Extra MaterialsIn my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (-44.74%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+84.21%)
brutekragPenetration tests on SSH servers using brute force or dictionary attacks. Written in Python.
Stars: ✭ 30 (-60.53%)
Intel-OneCommand line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…
Stars: ✭ 23 (-69.74%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (+259.21%)
Phishing-DatasetPhishing dataset with more than 88,000 instances and 111 features. Web application available at. https://gregavrbancic.github.io/Phishing-Dataset/
Stars: ✭ 21 (-72.37%)
xmlrpc-bruteforcerAn XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)
Stars: ✭ 62 (-18.42%)
PhishiousAn open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
Stars: ✭ 397 (+422.37%)
termux-wifiBash script which installs and runs the Fluxion tool inside Termux, a wireless security auditing tool used to perform attacks such as WPA/WPA2 cracking and MITM attacks.
Stars: ✭ 406 (+434.21%)
IsthislegitDashboard to collect, analyze, and respond to reported phishing emails.
Stars: ✭ 251 (+230.26%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+84.21%)
ThechoiceThe linux choice collection tools
Stars: ✭ 245 (+222.37%)
PhishmailerGenerate Professional Phishing Emails Fast And Easy
Stars: ✭ 227 (+198.68%)
DevBrute-A Password Brute ForcerDevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: ✭ 91 (+19.74%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+275%)