JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (-9.6%)
AutosploitAutomated Mass Exploiter
Stars: ✭ 4,500 (+535.59%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+591.67%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (-4.24%)
NetcatNetCat for Windows
Stars: ✭ 463 (-34.6%)
Docker AlpineDocker containers running Alpine Linux and s6 for process management. Solid, reliable containers.
Stars: ✭ 574 (-18.93%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (-10.59%)
HershellMultiplatform reverse shell generator
Stars: ✭ 456 (-35.59%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (-19.92%)
VanquishVanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (-36.58%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (-2.12%)
ModsecurityModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
Stars: ✭ 5,015 (+608.33%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+739.41%)
EzhttpThe bash shell script stack for installation of Nginx OpenResty Tengine lua_nginx_module nginx_concat_module nginx_upload_module ngx_substitutions_filter_module Apache-2.2 Apache-2.4 MySQL-5.1 MySQL-5.5 MySQL-5.6 MySQL-5.7 PHP-5.2 PHP-5.3 PHP-5.4 PHP-5.5 PHP-5.6 ZendOptimizer ZendGuardLoader Xcache Eaccelerator Imagemagick IonCube Memcache Memcached Redis Mongo Xdebug Mssql Memcached PureFtpd PhpMyAdmin Redis Mongodb PhpRedisAdmin MemAdmin RockMongo Jdk7 Jdk8 Tomcat7 Tomcat8
Stars: ✭ 443 (-37.43%)
Digispark ScriptsUSB Rubber Ducky type scripts written for the DigiSpark.
Stars: ✭ 629 (-11.16%)
Apache Ultimate Bad Bot BlockerApache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
Stars: ✭ 441 (-37.71%)
Easy hackHack the World using Termux
Stars: ✭ 549 (-22.46%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+923.45%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (-40.68%)
Am I Affected By MeltdownMeltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
Stars: ✭ 549 (-22.46%)
PwndocPentest Report Generator
Stars: ✭ 417 (-41.1%)
HerpaderpingProcess Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (-13.28%)
PoweropsPowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
Stars: ✭ 412 (-41.81%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (-23.45%)
CloakCloak can backdoor any python script with some tricks.
Stars: ✭ 411 (-41.95%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (-1.27%)
Firmware slapDiscovering vulnerabilities in firmware through concolic analysis and function clustering.
Stars: ✭ 407 (-42.51%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-24.72%)
MeltdownThis repository contains several applications, demonstrating the Meltdown bug.
Stars: ✭ 3,931 (+455.23%)
DotdotpwnDotDotPwn - The Directory Traversal Fuzzer
Stars: ✭ 601 (-15.11%)
SharpyshellSharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications
Stars: ✭ 402 (-43.22%)
TrafficcontrolApache Traffic Control is an Open Source implementation of a Content Delivery Network
Stars: ✭ 530 (-25.14%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (-4.94%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (-15.11%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (-44.07%)
GhostwriterThe SpecterOps project management and reporting engine
Stars: ✭ 394 (-44.35%)
RttysAccess your device's terminal from anywhere via the web.
Stars: ✭ 392 (-44.63%)
OpenwhiskApache OpenWhisk is an open source serverless cloud platform
Stars: ✭ 5,499 (+676.69%)
Cheetaha very fast brute force webshell password tool
Stars: ✭ 509 (-28.11%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-28.81%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-44.63%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (-44.77%)
Webshell Sample收集自网络各处的 webshell 样本,用于测试 webshell 扫描器检测率。
Stars: ✭ 647 (-8.62%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-45.06%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (-45.34%)
Commando VmComplete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
[email protected] Stars: ✭ 5,030 (+610.45%)
Kafka Sprout🚀 Web GUI for Kafka Cluster Management
Stars: ✭ 388 (-45.2%)
HyperpwnA hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda
Stars: ✭ 387 (-45.34%)
KonfigComposable, observable and performant config handling for Go for the distributed processing era
Stars: ✭ 597 (-15.68%)