CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+3126.74%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (+105.81%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-10.47%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+38.37%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+148.84%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-59.3%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-41.86%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (+211.63%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+3320.93%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (+613.95%)
DjangohunterTool designed to help identify incorrectly configured Django applications that are exposing sensitive information.
Stars: ✭ 212 (+146.51%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+639.53%)
LldebugtoolLLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
Stars: ✭ 673 (+682.56%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+272.09%)
GowaptGo Web Application Penetration Test
Stars: ✭ 300 (+248.84%)
AtlasQuick SQLMap Tamper Suggester
Stars: ✭ 679 (+689.53%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (+282.56%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (+559.3%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-27.91%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+712.79%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+783.72%)
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Stars: ✭ 408 (+374.42%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+370.93%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+5594.19%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+438.37%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (+137.21%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1220.93%)
Saint👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]
Stars: ✭ 522 (+506.98%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (+462.79%)
Name That Hash🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥
Stars: ✭ 540 (+527.91%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (+519.77%)
ScriptsScripts I use during pentest engagements.
Stars: ✭ 834 (+869.77%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+951.16%)
Auto CpufreqAutomatic CPU speed & power optimizer for Linux
Stars: ✭ 843 (+880.23%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+577.91%)
ThefatratThefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (+6811.63%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (+688.37%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+926.74%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+884.88%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+960.47%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+1017.44%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+8913.95%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+801.16%)
DracnmapDracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.
Stars: ✭ 861 (+901.16%)
LldebugtoolswiftLLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
Stars: ✭ 40 (-53.49%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-54.65%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+1073.26%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-39.53%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+124.42%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+131.4%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+441.86%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+791.86%)