GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+421.54%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+8720%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1286.15%)
GraphqlmapGraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
Stars: ✭ 434 (+233.85%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+232.31%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+256.15%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+224.62%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-22.31%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+4723.08%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+484.62%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+496.15%)
PompemFind exploit tool
Stars: ✭ 786 (+504.62%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+496.92%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+943.85%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+330%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+25214.62%)
Pentest EnvPentest environment deployer (kali linux + targets) using vagrant and chef.
Stars: ✭ 610 (+369.23%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+516.92%)
Spring Boot JwtJWT auth service using Spring Boot, Spring Security and MySQL
Stars: ✭ 795 (+511.54%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-23.85%)
Weblogger针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具
Stars: ✭ 547 (+320.77%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+389.23%)
Awesome Web Security🐶 A curated list of Web Security materials and resources.
Stars: ✭ 6,623 (+4994.62%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+5863.08%)
Jsql InjectionjSQL Injection is a Java application for automatic SQL database injection.
Stars: ✭ 891 (+585.38%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+613.85%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+601.54%)
Hapi Auth KeycloakJSON Web Token based Authentication powered by Keycloak
Stars: ✭ 29 (-77.69%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+639.23%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+494.62%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (+450%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-13.08%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-70%)
Geek Framework基于SpringBoot+Shiro+Redis+Jwt+Thymeleaf+MyBatis 开发的后台用户、角色、权限、会员管理、RestFul、Token和前台用户登录注册以及前后台用户分离的脚手架,技术交流请加QQ群:805442966
Stars: ✭ 804 (+518.46%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+220%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+437.69%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (+656.15%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-1.54%)
PakuriPenetration test Achieve Knowledge Unite Rapid Interface
Stars: ✭ 125 (-3.85%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+590%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+583.08%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+933.85%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (+596.92%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-25.38%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+581.54%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+693.85%)
Dashboard ServerA JSON file RESTful API with authorization based on json-server
Stars: ✭ 48 (-63.08%)
JoseUniversal "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK with no dependencies
Stars: ✭ 1,029 (+691.54%)
Nmap Nse InfoBrowse and search through nmap's NSE scripts.
Stars: ✭ 54 (-58.46%)