Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+1142.46%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-59.13%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+50%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+1169.05%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+206.75%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+236.11%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-54.76%)
LnkupGenerates malicious LNK file payloads for data exfiltration
Stars: ✭ 205 (-18.65%)
DrozerThe Leading Security Assessment Framework for Android.
Stars: ✭ 2,683 (+964.68%)
SharpattackA simple wrapper for C# tools
Stars: ✭ 211 (-16.27%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+1001.19%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-19.05%)
RogueAn extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Stars: ✭ 225 (-10.71%)
VulnfanaticA Binary Ninja plugin for vulnerability research.
Stars: ✭ 203 (-19.44%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-19.84%)
BetterbackdoorA backdoor with a multitude of features.
Stars: ✭ 195 (-22.62%)
Mobileapp Pentest CheatsheetThe Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Stars: ✭ 3,051 (+1110.71%)
Scout🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs
Stars: ✭ 241 (-4.37%)
Sec Admin分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Stars: ✭ 222 (-11.9%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-23.41%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (-24.21%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-13.49%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-24.6%)
FilesensorDynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具
Stars: ✭ 227 (-9.92%)
EnumyLinux post exploitation privilege escalation enumeration
Stars: ✭ 210 (-16.67%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1264.68%)
DecryptteamviewerEnumerate and decrypt TeamViewer credentials from Windows registry
Stars: ✭ 205 (-18.65%)
ProgpilotA static analysis tool for security
Stars: ✭ 226 (-10.32%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-19.05%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (-0.79%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1436.9%)
AndroticklerPenetration testing and auditing toolkit for Android apps.
Stars: ✭ 225 (-10.71%)
Doxboxweb-based OSINT and reconaissance toolkit
Stars: ✭ 202 (-19.84%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (-4.37%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-21.03%)
ShellabLinux and Windows shellcode enrichment utility
Stars: ✭ 225 (-10.71%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-26.98%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (-0.4%)
CintruderCaptcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.
Stars: ✭ 192 (-23.81%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+1337.3%)
Stegseek⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️
Stars: ✭ 187 (-25.79%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-5.56%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-13.49%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-25.79%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-25.4%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-25.79%)
Physmem2profitPhysmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
Stars: ✭ 244 (-3.17%)
CommixAutomated All-in-One OS Command Injection Exploitation Tool.
Stars: ✭ 3,016 (+1096.83%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (-13.1%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+900.79%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+994.44%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-14.29%)
ShodanwaveShodanwave is a tool for exploring and obtaining information from Netwave IP Camera.
Stars: ✭ 183 (-27.38%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-27.38%)
FrackerPHP function tracker
Stars: ✭ 234 (-7.14%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-15.08%)