WasmiteNow WebAssembly has proper testing, unit-testing and debugging 🤗
Stars: ✭ 20 (-99.42%)
ivreNetwork recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (-21.73%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (-47.36%)
nseNmap NSE scripts
Stars: ✭ 23 (-99.34%)
Security ScriptsA collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
Stars: ✭ 188 (-94.57%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (-98.44%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-88.98%)
Envizonnetwork visualization & vulnerability management/reporting
Stars: ✭ 382 (-88.98%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-96.48%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-98.96%)
webnettoolsWeb Net Tools is a web frontend for some useful command line tooling. It provides especially an web frontend for tools like testssl.sh and nmap.
Stars: ✭ 33 (-99.05%)
hassh-utilshassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)
Stars: ✭ 41 (-98.82%)
Awesome Test AutomationA curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com
Stars: ✭ 4,712 (+35.99%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-88.77%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (-92.18%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (-33.48%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-88.08%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (-64.1%)
IvreNetwork recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (-32.73%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+50.59%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (-91.77%)
request-basketsHTTP requests collector to test webhooks, notifications, REST clients and more ...
Stars: ✭ 149 (-95.7%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-96.97%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+0.23%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+31.63%)
LegionAutomatic Enumeration Tool based in Open Source tools
Stars: ✭ 280 (-91.92%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+1.1%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-90.94%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (-2.14%)
GocA Comprehensive Coverage Testing System for The Go Programming Language
Stars: ✭ 320 (-90.76%)
CloudfruntA tool for identifying misconfigured CloudFront domains
Stars: ✭ 281 (-91.89%)
PolichombrCollaborative malware analysis framework
Stars: ✭ 307 (-91.14%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (-91.95%)
Kube Psp AdvisorHelp building an adaptive and fine-grained pod security policy
Stars: ✭ 280 (-91.92%)
PhpunitThe PHP Unit Testing framework.
Stars: ✭ 18,103 (+422.45%)
StatcodeMan pages for HTTP status codes
Stars: ✭ 307 (-91.14%)
DgfraudA Deep Graph-based Toolbox for Fraud Detection
Stars: ✭ 281 (-91.89%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (-7.71%)
GotestsAutomatically generate Go test boilerplate from your source code.
Stars: ✭ 3,597 (+3.81%)
Certificates🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Stars: ✭ 3,693 (+6.58%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-91.98%)
JugglerA system that may trick hackers. 一个也许能骗到黑客的系统。
Stars: ✭ 321 (-90.74%)
Ethereum ListsA repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.
Stars: ✭ 300 (-91.34%)
Awesome Unit Testing SwiftA curated collection of awesome blog articles, books, talks, podcasts, tools/frameworks and examples.
Stars: ✭ 272 (-92.15%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (-91.43%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-92.12%)
Http ShortcutsAndroid app to create home screen shortcuts that trigger arbitrary HTTP requests
Stars: ✭ 329 (-90.51%)
Padrino FrameworkPadrino is a full-stack ruby framework built upon Sinatra.
Stars: ✭ 3,310 (-4.47%)
Hackertarget🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
Stars: ✭ 320 (-90.76%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (-91.57%)
Fomalhaut🚀 A Simple API Gateway for Building Security and Flexible Microservices.
Stars: ✭ 272 (-92.15%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (-92.15%)
BanditBandit is a tool designed to find common security issues in Python code.
Stars: ✭ 3,763 (+8.6%)
KotestPowerful, elegant and flexible test framework for Kotlin with additional assertions, property testing and data driven testing
Stars: ✭ 3,234 (-6.67%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (-92.29%)
ModlishkaModlishka. Reverse Proxy.
Stars: ✭ 3,634 (+4.88%)
HeraldingCredentials catching honeypot
Stars: ✭ 297 (-91.43%)