Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-88.42%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-80.23%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+1519.49%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+444.92%)
shu-shellWebshell Jumping Edition
Stars: ✭ 23 (-96.75%)
Struts PwnAn exploit for Apache Struts CVE-2017-5638
Stars: ✭ 391 (-44.77%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (-13.28%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-82.49%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+1376.13%)
Icg AutoexploiterbotWordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (-65.82%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-95.06%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-85.17%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-95.76%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+225.56%)
NovahotA webshell framework for penetration testers.
Stars: ✭ 284 (-59.89%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-82.2%)
ExphubExphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Stars: ✭ 3,056 (+331.64%)
SlowlorisAsynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-92.8%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-90.25%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-46.05%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-33.05%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+687.01%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-10.17%)
Cve 2019 11708Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.
Stars: ✭ 581 (-17.94%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+689.55%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (-9.6%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (-4.24%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (-10.59%)
Docker AlpineDocker containers running Alpine Linux and s6 for process management. Solid, reliable containers.
Stars: ✭ 574 (-18.93%)
Heap ViewerAn IDA Pro plugin to examine the glibc heap, focused on exploit development
Stars: ✭ 574 (-18.93%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (-19.92%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (-2.12%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (-4.24%)
HabuHacking Toolkit
Stars: ✭ 635 (-10.31%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-21.47%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+739.41%)
Digispark ScriptsUSB Rubber Ducky type scripts written for the DigiSpark.
Stars: ✭ 629 (-11.16%)
WicketApache Wicket - Component-based Java web framework
Stars: ✭ 551 (-22.18%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+923.45%)
Easy hackHack the World using Termux
Stars: ✭ 549 (-22.46%)
DawsAdvanced Web Shell
Stars: ✭ 551 (-22.18%)
Am I Affected By MeltdownMeltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
Stars: ✭ 549 (-22.46%)
HerpaderpingProcess Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (-13.28%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+4548.16%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (-23.45%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (-1.27%)
Spectre AttackExample of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
Stars: ✭ 690 (-2.54%)
Thc Ipv6IPv6 attack toolkit
Stars: ✭ 673 (-4.94%)
CoreMetaCall: The ultimate polyglot programming experience.
Stars: ✭ 596 (-15.82%)
Flog🎩 A fake log generator for common log formats
Stars: ✭ 531 (-25%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-24.72%)
DotdotpwnDotDotPwn - The Directory Traversal Fuzzer
Stars: ✭ 601 (-15.11%)
Vim Doge(Do)cumentation (Ge)nerator 10+ languages 📚 Generate proper code documentation skeletons with a single keypress. ⚡️🔥
Stars: ✭ 533 (-24.72%)
TrafficcontrolApache Traffic Control is an Open Source implementation of a Content Delivery Network
Stars: ✭ 530 (-25.14%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (-4.94%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (-15.11%)