serial-builderLibrary for manually creating Java serialization data.
Stars: ✭ 20 (-99.13%)
JexbossJexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Stars: ✭ 2,008 (-12.16%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-94.27%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-94.23%)
WincmdfuWindows one line commands that make life easier, shortcuts and command line fu.
Stars: ✭ 145 (-93.66%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-94.4%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-93.18%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-94.05%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-94.53%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (-24.85%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-94.18%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (-21.17%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-93.13%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (-1.53%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-93.7%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-92.83%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-94.49%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-93.88%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-94.62%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-93.35%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-94.14%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-94.75%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (-14.74%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-94.23%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-93.44%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (-25.63%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-92.91%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (-3.19%)
CrackmapextremeFor all your network pentesting needs
Stars: ✭ 148 (-93.53%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-94.27%)
PspyMonitor linux processes without root permissions
Stars: ✭ 2,470 (+8.05%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-93.7%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-94.31%)
Firecrack🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Stars: ✭ 157 (-93.13%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (-24.67%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (-12.64%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-94.4%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-92.74%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (-19.64%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-93.88%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-94.49%)
Web2attackWeb hacking framework with tools, exploits by python
Stars: ✭ 152 (-93.35%)
SubrakeA Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
Stars: ✭ 125 (-94.53%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-94.09%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-94.66%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (-92.87%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-94.71%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (-20.12%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (-26.33%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-93.44%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-94.93%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-94.14%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-92.69%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-92.91%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-93.39%)