HabuHacking Toolkit
Stars: ✭ 635 (+151.98%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+676.19%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+140.48%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-19.05%)
Corscanner Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (+138.49%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-55.56%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-34.13%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+120.63%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+509.13%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+118.65%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (-0.79%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+114.68%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-57.14%)
PspyMonitor linux processes without root permissions
Stars: ✭ 2,470 (+880.16%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+103.57%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+825.4%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1436.9%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+2060.71%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-58.33%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+98.02%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+814.68%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+95.24%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-58.73%)
AndroticklerPenetration testing and auditing toolkit for Android apps.
Stars: ✭ 225 (-10.71%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+92.86%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+88.1%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-35.71%)
GobusterDirectory/File, DNS and VHost busting tool written in Go
Stars: ✭ 5,356 (+2025.4%)
Smtptestersmall python3 tool to check common vulnerabilities in SMTP servers
Stars: ✭ 102 (-59.52%)
Doxboxweb-based OSINT and reconaissance toolkit
Stars: ✭ 202 (-19.84%)
Burp ParamalyzerParamalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
Stars: ✭ 102 (-59.52%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (+78.17%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-35.71%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+78.57%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+441.27%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (-4.37%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+2156.75%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+72.62%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-37.7%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+71.43%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-61.9%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+68.25%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-21.03%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-49.21%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-89.29%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+250.4%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-62.7%)
Dr checkerDR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers
Stars: ✭ 251 (-0.4%)
Txtoolan easy pentesting tool.
Stars: ✭ 246 (-2.38%)
LeakscraperLeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Stars: ✭ 227 (-9.92%)