Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-81.35%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-82.42%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+37.66%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-73%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+417.05%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+1122.38%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+120.96%)
HacktheboxNotes Taken for HTB Machines & InfoSec Community.
Stars: ✭ 167 (-70.34%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+525.4%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+101.78%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+246.18%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-69.27%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+125.04%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-74.78%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+5745.29%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-94.14%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-95.56%)
PPNPentester's Promiscuous Notebook
Stars: ✭ 221 (-60.75%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (-9.06%)
MSessionA simple and sophisticated session and authentication solution written in Swift
Stars: ✭ 26 (-95.38%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-3.37%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-49.02%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-96.09%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-95.74%)
hacktheboxNotes Taken for HTB Machines & InfoSec Community.
Stars: ✭ 286 (-49.2%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+269.27%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-89.17%)
SecureenclavecryptoDemonstration library for using the Secure Enclave on iOS
Stars: ✭ 251 (-55.42%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-94.14%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-94.85%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-80.99%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-93.25%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+559.86%)
LAPSforMacLocal Administrator Password Solution for Mac
Stars: ✭ 29 (-94.85%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-92.36%)
Apple Runtime HeadersObjective-C runtime headers for Apple's iOS, macOS, tvOS and watchOS frameworks
Stars: ✭ 174 (-69.09%)
CsvkeychainImport/export between Apple Keychain.app and plain CSV file.
Stars: ✭ 281 (-50.09%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-54.53%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+516.87%)
HOUDINIHundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Stars: ✭ 791 (+40.5%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+522.2%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (-48.13%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+571.23%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-43.16%)
Csinva.github.ioSlides, paper notes, class notes, blog posts, and research on ML 📉, statistics 📊, and AI 🤖.
Stars: ✭ 342 (-39.25%)
InfosecHouseInfosec resource center for offensive and defensive security operations.
Stars: ✭ 61 (-89.17%)
Objection📱 objection - runtime mobile exploration
Stars: ✭ 4,404 (+682.24%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-34.81%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (-28.77%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (-31.62%)