analysis-modelA library to read static analysis reports into a Java object model
Stars: ✭ 74 (-88.31%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (-19.12%)
VbscanOWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (-53.4%)
dr checker 4 linuxPort of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel
Stars: ✭ 34 (-94.63%)
Preallocprealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Stars: ✭ 419 (-33.81%)
jshodanPowerful Shodan API client using RxJava and Retrofit
Stars: ✭ 56 (-91.15%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+456.24%)
HabomalhunterHaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Stars: ✭ 627 (-0.95%)
swiss-bugbounty-programsList of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland
Stars: ✭ 25 (-96.05%)
nakedretnakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
Stars: ✭ 82 (-87.05%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (-54.5%)
BackToMeLittle tool made in python to create payloads for Linux, Windows and OSX with unique handler
Stars: ✭ 61 (-90.36%)
PwndocPentest Report Generator
Stars: ✭ 417 (-34.12%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (-81.2%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+2949.29%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+890.52%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+557.5%)
aeacus🔐 Vulnerability remediation scoring system
Stars: ✭ 52 (-91.79%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+435.7%)
phuzzFind exploitable PHP files by parameter fuzzing and function call tracing
Stars: ✭ 53 (-91.63%)
Grab N RunGrab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.
Stars: ✭ 413 (-34.76%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-95.73%)
EastExploits and Security Tools Framework 2.0.1
Stars: ✭ 283 (-55.29%)
PhanPhan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Stars: ✭ 5,194 (+720.54%)
datreePrevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
Stars: ✭ 5,744 (+807.42%)
SitebrokerA cross-platform python based utility for information gathering and penetration testing automation!
Stars: ✭ 281 (-55.61%)
STEWSA Security Tool for Enumerating WebSockets
Stars: ✭ 154 (-75.67%)
dumproidAndroid process memory dump tool without ndk.
Stars: ✭ 55 (-91.31%)
WasabiA dynamic analysis framework for WebAssembly programs.
Stars: ✭ 279 (-55.92%)
AppAuth-OAuth2-Books-DemoA companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk
Stars: ✭ 22 (-96.52%)
Cwe checkercwe_checker finds vulnerable patterns in binary executables
Stars: ✭ 372 (-41.23%)
log4shelldetectRapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
Stars: ✭ 40 (-93.68%)
secure-pipeline-advisorImprove your code security by running different security checks/validation in a simple way.
Stars: ✭ 25 (-96.05%)
NullawayA tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Stars: ✭ 3,035 (+379.46%)
Red-Rabbit-V4The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow
Stars: ✭ 123 (-80.57%)
AutorizeAutomatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Stars: ✭ 406 (-35.86%)
elm-reviewAnalyzes Elm projects, to help find mistakes before your users find them.
Stars: ✭ 195 (-69.19%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+509.48%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-95.26%)
DotdotpwnDotDotPwn - The Directory Traversal Fuzzer
Stars: ✭ 601 (-5.06%)
pentesting-notesNotes from OSCP, CTF, security adventures, etc...
Stars: ✭ 38 (-94%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (-36.65%)
metagoofilSearch Google and download specific file types
Stars: ✭ 174 (-72.51%)
FpndPython package for freepn network daemon
Stars: ✭ 271 (-57.19%)
warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Stars: ✭ 53 (-91.63%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+892.73%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-25.12%)
Vulnhub Ctf WriteupsThis cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Stars: ✭ 368 (-41.86%)
Zeek-Network-Security-MonitorA Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (-94%)
xss-chefA web application for generating custom XSS payloads
Stars: ✭ 70 (-88.94%)
SolhintSolhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.
Stars: ✭ 363 (-42.65%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-83.1%)
CaptfencoderCaptfEncoder是一款跨平台网络安全工具套件,提供网络安全相关编码转换、古典密码、密码学、特殊编码等工具,并聚合各类在线工具。
Stars: ✭ 473 (-25.28%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-96.52%)