Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+119.31%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+2715.35%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+113.86%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+3003.96%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+111.39%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-58.42%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+2842.08%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+172.77%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-56.93%)
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+1077.72%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+214.85%)
HabuHacking Toolkit
Stars: ✭ 635 (+214.36%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+109.9%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+246.04%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+235.15%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+302.97%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+289.11%)
Ecommerce Website Security ChecklistList of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
Stars: ✭ 98 (-51.49%)
Apac ConferencesA community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
Stars: ✭ 90 (-55.45%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-50%)
Badusb botnet👥😈 Infect a pc with badusb and establish a connection through telegram.
Stars: ✭ 32 (-84.16%)
SsrfmapSimple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (-75.25%)
FiercephishFiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
Stars: ✭ 960 (+375.25%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+109.41%)
NetsetOperational Security utility and automator.
Stars: ✭ 110 (-45.54%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+518.32%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+659.9%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-6.93%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-5.94%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-59.9%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-51.98%)
Python RansomwarePython Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles
Stars: ✭ 96 (-52.48%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+586.63%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-61.39%)
Awesome HackingA collection of various awesome lists for hackers, pentesters and security researchers
Stars: ✭ 48,038 (+23681.19%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-48.02%)
VirtualsecconsAn ongoing list of virtual cybersecurity conferences.
Stars: ✭ 113 (-44.06%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1751.98%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-43.56%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-22.77%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+868.32%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-42.57%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-42.57%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-40.1%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-39.6%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-36.63%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+864.85%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+809.41%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-25.74%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-35.15%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-24.75%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-33.17%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1014.36%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+741.58%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-30.69%)