HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+9.04%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+215.82%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (+139.55%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+3706.21%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+1453.67%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+931.64%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (+41.81%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+623.73%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-80.23%)
BetterbackdoorA backdoor with a multitude of features.
Stars: ✭ 195 (+10.17%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+410.73%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-50.85%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-35.03%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-18.64%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (-7.91%)
JexbossJexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Stars: ✭ 2,008 (+1034.46%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-20.9%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-4.52%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-8.47%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-23.73%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-23.16%)
Firecrack🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Stars: ✭ 157 (-11.3%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-24.29%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-25.42%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-2.82%)
Web2attackWeb hacking framework with tools, exploits by python
Stars: ✭ 152 (-14.12%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+860.45%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-18.64%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-7.34%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (+1028.25%)
Reverse Shell Manager🔨 A multiple reverse shell session/client manager via terminal
Stars: ✭ 171 (-3.39%)
Print My ShellPython script wrote to automate the process of generating various reverse shells.
Stars: ✭ 140 (-20.9%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-8.47%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-20.9%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (-2.26%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-11.3%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-24.29%)
LolbitsC2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.
Stars: ✭ 170 (-3.95%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-24.29%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-11.86%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-24.86%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+2013.56%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-25.42%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-14.12%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1150.28%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+918.08%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-5.65%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-15.25%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-25.99%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-25.99%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-14.69%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1171.75%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1206.21%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-6.21%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-15.25%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-26.55%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-27.68%)