Oss FuzzOSS-Fuzz - continuous fuzzing for open source software.
Stars: ✭ 6,937 (+3024.77%)
Afl PatchesPatches to afl to fix bugs or add enhancements
Stars: ✭ 76 (-65.77%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-59.01%)
CertfuzzThis project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).
Stars: ✭ 233 (+4.95%)
Fuzzing SurveyThe Art, Science, and Engineering of Fuzzing: A Survey
Stars: ✭ 116 (-47.75%)
afl-pinrun AFL with pintool
Stars: ✭ 64 (-71.17%)
Sienna LocomotiveA user-friendly fuzzing and crash triage tool for Windows
Stars: ✭ 130 (-41.44%)
SnodgeRandomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing
Stars: ✭ 121 (-45.5%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+941.44%)
PypowershellxrayPython script to decode common encoded PowerShell scripts
Stars: ✭ 192 (-13.51%)
KleeflSeeding fuzzers with symbolic execution
Stars: ✭ 172 (-22.52%)
ProtofuzzGoogle Protocol Buffers message generator
Stars: ✭ 171 (-22.97%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: ✭ 191 (-13.96%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-22.97%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-24.32%)
ZigdiggityA ZigBee hacking toolkit by Bishop Fox
Stars: ✭ 169 (-23.87%)
Rastrea2rCollecting & Hunting for IOCs with gusto and style
Stars: ✭ 169 (-23.87%)
JfsConstraint solver based on coverage-guided fuzzing
Stars: ✭ 215 (-3.15%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1211.26%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-13.96%)
FuzzfactoryDomain-Specific Fuzzing with Waypoints
Stars: ✭ 167 (-24.77%)
MorphAn open source fuzzing framework for fun.
Stars: ✭ 166 (-25.23%)
RevshellgenReverse shell generator written in Python 3.
Stars: ✭ 190 (-14.41%)
FuzzinatorFuzzinator Random Testing Framework
Stars: ✭ 164 (-26.13%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-6.76%)
Rust UnicUNIC: Unicode and Internationalization Crates for Rust
Stars: ✭ 189 (-14.86%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-26.13%)
Semantic Rs🚀 Automatic crate publishing done right
Stars: ✭ 162 (-27.03%)
AndroidlibraryAndroid library to reveal or obfuscate strings and assets at runtime
Stars: ✭ 162 (-27.03%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-27.03%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-1.8%)
MoslBash script to audit and fix macOS Catalina (10.15.x) security settings
Stars: ✭ 215 (-3.15%)
Chain ReactorChain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Stars: ✭ 206 (-7.21%)
Security ScriptsA collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
Stars: ✭ 188 (-15.32%)
Web ShellsSome of the best web shells that you might need!
Stars: ✭ 162 (-27.03%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-27.03%)
HonggfuzzSecurity oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
Stars: ✭ 2,400 (+981.08%)
ParisLogger in Rust for pretty colors and text in the terminal. Aiming for a relatively simple API
Stars: ✭ 162 (-27.03%)
NebulousadNebulousAD automated credential auditing tool.
Stars: ✭ 158 (-28.83%)
CodealchemistSemantics-aware Code Generation for Finding JS engine Vulnerabilities
Stars: ✭ 204 (-8.11%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-15.77%)
ExeinExein core for Linux based firmware
Stars: ✭ 158 (-28.83%)
DnsbinThe request.bin of DNS request
Stars: ✭ 157 (-29.28%)
FuddlyFuzzing and Data Manipulation Framework (for GNU/Linux)
Stars: ✭ 156 (-29.73%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-29.73%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-2.7%)
LimitrrLight NodeJS rate limiting and response delaying using Redis - including Express middleware.
Stars: ✭ 203 (-8.56%)
Attack monitorEndpoint detection & Malware analysis software
Stars: ✭ 186 (-16.22%)
MultipartA backend-agnostic extension for file uploads in HTTP libraries for Rust
Stars: ✭ 155 (-30.18%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-31.53%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1142.34%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-31.98%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-32.43%)
Bundler AuditPatch-level verification for Bundler
Stars: ✭ 2,393 (+977.93%)