H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+5315.03%)
Ssh MitmSSH man-in-the-middle tool
Stars: ✭ 1,328 (+588.08%)
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+515.54%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-53.37%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-49.74%)
Koa SslifyEnforce HTTPS in node.js koa apps
Stars: ✭ 100 (-48.19%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+307.25%)
SshttpSSH/HTTP(S) multiplexer. Run a webserver and a sshd on the same port w/o changes.
Stars: ✭ 766 (+296.89%)
HydrafwHydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing
Stars: ✭ 165 (-14.51%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+331.61%)
Venomvenom - shellcode generator/compiler/handler (metasploit)
Stars: ✭ 904 (+368.39%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+4623.32%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1097.93%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-47.67%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-45.6%)
SslsplitTransparent SSL/TLS interception
Stars: ✭ 1,371 (+610.36%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-44.56%)
PxenumA shell script that automatically performs a series of *NIX enumeration tasks.
Stars: ✭ 30 (-84.46%)
CaddyMatthew Holt began developing Caddy in 2014 while studying computer science at Brigham Young University. (The name "Caddy" was chosen because this software helps with the tedious, mundane tasks of serving the Web, and is also a single place for multiple things to be organized together.) It soon became the first web server to use HTTPS automatically and by default, and now has hundreds of contributors and has served trillions of HTTPS requests.
Stars: ✭ 35,966 (+18535.23%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (+413.99%)
MkcertA simple zero-config tool to make locally trusted development certificates with any names you'd like.
Stars: ✭ 33,022 (+17009.84%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+4553.37%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-77.2%)
Internet.nlInternet standards compliance test suite
Stars: ✭ 56 (-70.98%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+372.54%)
WolfsslwolfSSL (formerly CyaSSL) is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!
Stars: ✭ 1,098 (+468.91%)
Kill RouterFerramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.
Stars: ✭ 57 (-70.47%)
MerecatSmall and made-easy HTTP/HTTPS server based on Jef Poskanzer's thttpd
Stars: ✭ 69 (-64.25%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-64.77%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-41.97%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+695.34%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-41.45%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-59.59%)
Acme clientJava ACME Client application
Stars: ✭ 77 (-60.1%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+275.65%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-62.69%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-47.67%)
Awesome HackingA collection of various awesome lists for hackers, pentesters and security researchers
Stars: ✭ 48,038 (+24790.16%)
BrutemapLet's find someone's account
Stars: ✭ 113 (-41.45%)
TwitterxKeeping Twitter for macOS alive with code injection
Stars: ✭ 187 (-3.11%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-53.89%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+563.73%)
EggshelliOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+566.32%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-54.92%)
Work At OlistApply for a job at Olist's Development Team: https://bit.ly/olist-webdev
Stars: ✭ 93 (-51.81%)
Tls InspectorEasily view and inspect X.509 certificates on your iOS device.
Stars: ✭ 92 (-52.33%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103 (-46.63%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-46.63%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-40.41%)
Oscp AutomationA collection of personal scripts used in hacking excercises.
Stars: ✭ 118 (-38.86%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-3.11%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-39.9%)
HackapkAn Advanced Tool For Complete Apk-Modding In Termux ...
Stars: ✭ 180 (-6.74%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-11.4%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-37.82%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-37.31%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-35.75%)