HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+355.67%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+664.95%)
WsmanagerWebshell Manager
Stars: ✭ 99 (+2.06%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (+300%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-63.92%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-60.82%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+3480.41%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (+176.29%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+293.81%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (+331.96%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+480.41%)
IsthislegitDashboard to collect, analyze, and respond to reported phishing emails.
Stars: ✭ 251 (+158.76%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-38.14%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+3729.9%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-18.56%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-9.28%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-50.52%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+265.98%)
ShellyAutomatic Reverse Shell Generator
Stars: ✭ 38 (-60.82%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+415.46%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+424.74%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+647.42%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+698.97%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-36.08%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+3445.36%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (+119.59%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-37.11%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+2760.82%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-15.46%)
JiraffeOne stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (+61.86%)
ReverseShellDllC++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked
Stars: ✭ 69 (-28.87%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (+96.91%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+460.82%)
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-77.32%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+780.41%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (+201.03%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+296.91%)
RevshellgenReverse shell generator written in Python 3.
Stars: ✭ 190 (+95.88%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+414.43%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+6116.49%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+6026.8%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-35.05%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-29.9%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+6994.85%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+856.7%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+348.45%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1006.19%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-62.89%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1071.13%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-63.92%)
GirshAutomatically spawn a reverse shell fully interactive for Linux or Windows victim
Stars: ✭ 66 (-31.96%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+87.63%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+2743.3%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+336.08%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+813.4%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+1100%)