Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+20.14%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-74.71%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-74.71%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-71.9%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-28.81%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+107.49%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (+202.11%)
Search4Search people on the Internet.
Stars: ✭ 124 (-70.96%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (-31.62%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-64.87%)
Sherlock JsFind usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Stars: ✭ 153 (-64.17%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-65.11%)
GitemA Github organization reconnaissance tool.
Stars: ✭ 190 (-55.5%)
Xeexe TopantivirusevasionUndetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable
Stars: ✭ 387 (-9.37%)
Windows Post ExploitationWindows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
Stars: ✭ 296 (-30.68%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+395.08%)
LeakscraperLeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Stars: ✭ 227 (-46.84%)
AquatoneA Tool for Domain Flyovers
Stars: ✭ 4,405 (+931.62%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (-49.41%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (-1.17%)
SocialpwnedSocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.
Stars: ✭ 104 (-75.64%)
D4n155OWASP D4N155 - Intelligent and dynamic wordlist using OSINT
Stars: ✭ 105 (-75.41%)
fuzzmostall manner of wordlists
Stars: ✭ 23 (-94.61%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-64.87%)
Investigo🔎 Find usernames and download their data across social media.
Stars: ✭ 168 (-60.66%)
osintDocker image for osint
Stars: ✭ 92 (-78.45%)
ScanApiSubdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
Stars: ✭ 34 (-92.04%)
IvreNetwork recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (+445.9%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (-33.26%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+268.15%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-44.5%)
frisbeeCollect email addresses by crawling search engine results.
Stars: ✭ 29 (-93.21%)
fleexFleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
Stars: ✭ 181 (-57.61%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (-19.44%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-52.46%)
DevBrute-A Password Brute ForcerDevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: ✭ 91 (-78.69%)
o365chkSimple Python tool to check if there is an Office 365 instance linked to a domain.
Stars: ✭ 37 (-91.33%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-94.15%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-87.59%)
pyhtoolsA Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.
Stars: ✭ 166 (-61.12%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-94.15%)
ICUAn Extended, Modulair, Host Discovery Framework
Stars: ✭ 40 (-90.63%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (-1.87%)
PigA Linux packet crafting tool.
Stars: ✭ 384 (-10.07%)
Aliens eyeSocial media hunter
Stars: ✭ 105 (-75.41%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (-42.39%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-16.86%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (-77.52%)
ipsourcebypassThis Python script can be used to bypass IP source restrictions using HTTP headers.
Stars: ✭ 326 (-23.65%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (-51.29%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-94.61%)
ivreNetwork recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (+535.13%)
ShadowCloneUnleash the power of cloud
Stars: ✭ 224 (-47.54%)