V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (-37.9%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+69.5%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-80.43%)
AnsvifA Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-92.16%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-91.64%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-85.41%)
HatVenomHatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
Stars: ✭ 84 (-93.84%)
FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+194.21%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-77.27%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-74.63%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-71.99%)
doonaNetwork based protocol fuzzer
Stars: ✭ 64 (-95.31%)
APSoft-Web-Scanner-v2Powerful dork searcher and vulnerability scanner for windows platform
Stars: ✭ 96 (-92.96%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-99.05%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-97.43%)
SQL-XSSA few SQL and XSS attack tools
Stars: ✭ 29 (-97.87%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (-80.13%)
JsshellAn interactive multi-user web JS shell
Stars: ✭ 330 (-75.81%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-60.34%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (-58.65%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (-55.57%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (-44.43%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+404.55%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (-40.32%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (-34.9%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-97.65%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-95.89%)
xss-http-injectorXSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-98.39%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-98.97%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-92.16%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (-90.32%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-93.7%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+182.84%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (-82.77%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-93.62%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-78.45%)
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Stars: ✭ 506 (-62.9%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-63.42%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (-7.04%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-63.93%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+431.23%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-65.25%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+519.43%)
Prestashop Cve 2018 19126PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-97.29%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-97.21%)
Pythempentest framework
Stars: ✭ 1,060 (-22.29%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (-28.52%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (-28.59%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (-20.75%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-95.16%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-96.19%)
RegaxorA regular expression fuzzer.
Stars: ✭ 35 (-97.43%)