inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (-79.94%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (-91.15%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (-61.77%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-44.23%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-40.28%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+11.69%)
JxnetJxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (-95.89%)
FSEC-VMBackend logic implementation for Vulnerability Management System
Stars: ✭ 19 (-97%)
ScoutScout - a Contactless Active Reconnaissance Tool
Stars: ✭ 48 (-92.42%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+1513.27%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-88.94%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-78.52%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-90.84%)
gvm-toolsRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (-77.41%)
toolsTools used for Penetration testing / Red Teaming
Stars: ✭ 63 (-90.05%)
jawfishTool for breaking into web applications.
Stars: ✭ 84 (-86.73%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (-78.67%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-34.76%)
Vuln Web AppsA curated list of vulnerable web applications.
Stars: ✭ 128 (-79.78%)
MinionsDistributed filesystem scanner
Stars: ✭ 115 (-81.83%)
ProgpilotA static analysis tool for security
Stars: ✭ 226 (-64.3%)
Grinder🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)
Stars: ✭ 209 (-66.98%)
VulnfanaticA Binary Ninja plugin for vulnerability research.
Stars: ✭ 203 (-67.93%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-88.15%)
RedTeam toolkitRed Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Stars: ✭ 301 (-52.45%)
Easy hackHack the World using Termux
Stars: ✭ 549 (-13.27%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-58.77%)
ospdOSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)
Stars: ✭ 32 (-94.94%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (-57.82%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-74.41%)
AstraAutomated Security Testing For REST API's
Stars: ✭ 1,898 (+199.84%)
EngineDroidefense: Advance Android Malware Analysis Framework
Stars: ✭ 386 (-39.02%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (-65.4%)
BanditBandit is a tool designed to find common security issues in Python code.
Stars: ✭ 3,763 (+494.47%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+394.63%)
CelerystalkAn asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
Stars: ✭ 333 (-47.39%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-28.91%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (-30.02%)
Pep8speaksA GitHub app to automatically review Python code style over Pull Requests
Stars: ✭ 546 (-13.74%)
SalusSecurity scanner coordinator
Stars: ✭ 441 (-30.33%)
Apache Ultimate Bad Bot BlockerApache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
Stars: ✭ 441 (-30.33%)
CrosshairAn analysis tool for Python that blurs the line between testing and type systems.
Stars: ✭ 586 (-7.42%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (-14.38%)
Rubocop RailsA RuboCop extension focused on enforcing Rails best practices and coding conventions.
Stars: ✭ 433 (-31.6%)
FromjsSee where each character on the screen came from in code.
Stars: ✭ 537 (-15.17%)
GosecGolang security checker
Stars: ✭ 5,694 (+799.53%)
R2fridaRadare2 and Frida better together.
Stars: ✭ 610 (-3.63%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-33.02%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-15.8%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (-32.39%)
Phpcs Security Auditphpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
Stars: ✭ 525 (-17.06%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-32.54%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+780.25%)
SouffleSoufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
Stars: ✭ 426 (-32.7%)
AirshipSecure Content Management for the Modern Web - "The sky is only the beginning"
Stars: ✭ 422 (-33.33%)
Awesome Nginx Security🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Stars: ✭ 417 (-34.12%)