BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Stars: ✭ 529 (+15%)
WinpayloadsUndetectable Windows Payload Generation
Stars: ✭ 1,211 (+163.26%)
JustEvadeBroJustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
Stars: ✭ 63 (-86.3%)
HacktheworldAn Python Script For Generating Payloads that Bypasses All Antivirus so far .
Stars: ✭ 527 (+14.57%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+0.65%)
Antimalware ResearchResearch on Anti-malware and other related security solutions
Stars: ✭ 163 (-64.57%)
ArmorArmor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.
Stars: ✭ 228 (-50.43%)
IAT APIAssembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.
Stars: ✭ 63 (-86.3%)
ThefatratThefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (+1192.17%)
AviatorAntivirus evasion project
Stars: ✭ 529 (+15%)
BypassSuperBypass 403 or 401 or 404
Stars: ✭ 81 (-82.39%)
Defeat-Defender-V1.2Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
Stars: ✭ 885 (+92.39%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+804.78%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+595.22%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-40.65%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+807.17%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-41.96%)
YobiYara Based Detection Engine for web browsers
Stars: ✭ 39 (-91.52%)
PhpmusselPHP-based anti-virus anti-trojan anti-malware solution.
Stars: ✭ 337 (-26.74%)
Hatclouddiscontinued
Stars: ✭ 418 (-9.13%)
InfosecУчебное пособие по защите информации кафедры радиотехники и систем управления МФТИ
Stars: ✭ 386 (-16.09%)
TinyantivirusTinyAntivirus is an open source antivirus engine designed for detecting polymorphic virus and disinfecting it.
Stars: ✭ 320 (-30.43%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-80.87%)
Kalirouterintercepting kali router
Stars: ✭ 374 (-18.7%)
NovahotA webshell framework for penetration testers.
Stars: ✭ 284 (-38.26%)
HaeHaE - BurpSuite Highlighter and Extractor
Stars: ✭ 397 (-13.7%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+738.7%)
Bebasidbebasid dapat membantu membuka halaman situs web yang diblokir oleh pemerintah Indonesia dengan memanfaatkan hosts file.
Stars: ✭ 372 (-19.13%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (-41.3%)
SaferwallA hackable malware sandbox for the 21st Century
Stars: ✭ 419 (-8.91%)
MouseInjectDetectionSimple method of checking whether or not mouse movement or buttons (<windows 10) are injected
Stars: ✭ 29 (-93.7%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (-23.91%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-15.43%)
burp data collectorA Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
Stars: ✭ 58 (-87.39%)
Burp-Suite|| Activate Burp Suite Pro with Loader and Key-Generator ||
Stars: ✭ 94 (-79.57%)
MalwareHashDBMalware hashes for open source projects.
Stars: ✭ 31 (-93.26%)
My LinksKnowledge seeks no man
Stars: ✭ 311 (-32.39%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-83.26%)
MSEMalware sample exchange system and API intended for Anti-Virus companies and researchers.
Stars: ✭ 14 (-96.96%)
LookylooLookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
Stars: ✭ 381 (-17.17%)
Macos FortressFirewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
Stars: ✭ 307 (-33.26%)
ja3boxextract ja3(s) when sniffing or from a pcap.
Stars: ✭ 53 (-88.48%)
MispMISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+657.61%)
fake-sandbox👁🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
Stars: ✭ 110 (-76.09%)
CFX-BYPASSBypass it, you won't be Banned when playing cheats 2022
Stars: ✭ 18 (-96.09%)
My Infosec AwesomeMy curated list of awesome links, resources and tools on infosec related topics
Stars: ✭ 412 (-10.43%)
WebdevelopersecuritychecklistA checklist of important security issues you should consider when creating a web application.
Stars: ✭ 379 (-17.61%)
Libellux-Up-and-RunningLibellux: Up & Running provides documentation on how-to install open-source software from source. The focus is Zero Trust Network to enhance the security for existing applications or install tools to detect and prevent threats.
Stars: ✭ 19 (-95.87%)
bypassAV免杀 defender 360 cobalstrike shellcode
Stars: ✭ 54 (-88.26%)
BurpdeveltrainingMaterial for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Stars: ✭ 302 (-34.35%)