RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-25.31%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-45.06%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (+337.65%)
ShuffleShuffle: A general purpose security automation platform platform. We focus on accessibility for all.
Stars: ✭ 424 (+161.73%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+161.73%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+161.11%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-30.86%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+158.64%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+601.23%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (+158.64%)
Firecrack🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Stars: ✭ 157 (-3.09%)
NeedleThe iOS Security Testing Framework
Stars: ✭ 1,122 (+592.59%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (+150%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+847.53%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+148.77%)
RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
Stars: ✭ 1,109 (+584.57%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+139.51%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1289.51%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+566.05%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+135.19%)
AggressiveproxyProject to enumerate proxy configurations and generate shellcode from CobaltStrike
Stars: ✭ 109 (-32.72%)
DeltaPROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
Stars: ✭ 55 (-66.05%)
RaasnetOpen-Source Ransomware As A Service for Linux, MacOS and Windows
Stars: ✭ 371 (+129.01%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-13.58%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+3120.99%)
Nmap Nse InfoBrowse and search through nmap's NSE scripts.
Stars: ✭ 54 (-66.67%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+127.16%)
Certified Kubernetes Security SpecialistCurated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
Stars: ✭ 691 (+326.54%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-67.28%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-25.93%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+690.74%)
AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (+324.69%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+318.52%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (+112.96%)
SsrfmapSimple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (-69.14%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-6.79%)
Watf BankWaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
Stars: ✭ 87 (-46.3%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+4372.84%)
MilkyA .NET Standard library for pentesting web apps against credential stuffing attacks.
Stars: ✭ 49 (-69.75%)
DnsliveryEasy files and payloads delivery over DNS
Stars: ✭ 332 (+104.94%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-35.19%)
Redteam ResearchCollection of PoC and offensive techniques used by the BlackArrow Red Team
Stars: ✭ 330 (+103.7%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (+100%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+962.96%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+317.28%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+939.51%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-46.3%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+4148.15%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-46.3%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+297.53%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-18.52%)
Auditd AttackA Linux Auditd rule set mapped to MITRE's Attack Framework
Stars: ✭ 642 (+296.3%)