c2A simple, extensible C&C beaconing system.
Stars: ✭ 93 (-71.12%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-92.55%)
peniotPENIOT: Penetration Testing Tool for IoT
Stars: ✭ 164 (-49.07%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (-19.25%)
MS17010EXPLadon Moudle MS17010 Exploit for PowerShell
Stars: ✭ 40 (-87.58%)
lightning-hydra-templatePyTorch Lightning + Hydra. A very user-friendly template for rapid and reproducible ML experimentation with best practices. ⚡🔥⚡
Stars: ✭ 1,905 (+491.61%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (-19.25%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+57.45%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-95.34%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (-35.4%)
FsocietyA Modular Penetration Testing Framework
Stars: ✭ 259 (-19.57%)
PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (-10.56%)
doubletapA very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...
Stars: ✭ 23 (-92.86%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-90.37%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-22.36%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-93.48%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-5.59%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-95.96%)
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
Stars: ✭ 29 (-90.99%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (-65.53%)
webreconAutomated Web Recon Shell Scripts
Stars: ✭ 48 (-85.09%)
GetPwdIt's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)
Stars: ✭ 46 (-85.71%)
LauschgeraetGets in the way of your victim's traffic and out of yours
Stars: ✭ 25 (-92.24%)
hykuHyku: A multi-tenant Hyrax application built on the latest and greatest Samvera community components. Brought to you by the Hydra-in-a-Box project partners and IMLS; maintained by the Hyku Interest Group.
Stars: ✭ 83 (-74.22%)
Lyncsmashlocate and attack Lync/Skype for Business
Stars: ✭ 258 (-19.88%)
Cracker-ToolAll in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
Stars: ✭ 181 (-43.79%)
presentationsPresentations at the Tokyo Nixos Meetup
Stars: ✭ 57 (-82.3%)
ftpknocker🔑 ftpknocker is a multi-threaded scanner for finding anonymous FTP servers
Stars: ✭ 38 (-88.2%)
DNSExplorerBash script that automates the enumeration of domains and DNS servers in the active information gathering.
Stars: ✭ 33 (-89.75%)
Rshijacktcp connection hijacker, rust rewrite of shijack
Stars: ✭ 288 (-10.56%)
nclnuclei framework scripts
Stars: ✭ 25 (-92.24%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+275.78%)
skweezFast website scraper and wordlist generator
Stars: ✭ 49 (-84.78%)
Industrial-Security-Auditing-FrameworkISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (-86.65%)
Project BlackPentest/BugBounty progress control with scanning modules
Stars: ✭ 257 (-20.19%)
filter-var-sqliBypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
Stars: ✭ 29 (-90.99%)
OSCP-PrepContained is all my reference material for my OSCP preparation. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.
Stars: ✭ 33 (-89.75%)
WiCrackFiPython Script to help/automate the WiFi hacking exercises.
Stars: ✭ 61 (-81.06%)
WebanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (-3.42%)
BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (-5.9%)
Client GeneratorGenerate React or Vue.js-based Progressive Web Apps from an Hydra-enabled API. Also support React Native.
Stars: ✭ 286 (-11.18%)
HOUDINIHundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Stars: ✭ 791 (+145.65%)
kumasia./kumasia php simple backdoor
Stars: ✭ 13 (-95.96%)
AzureAD Autologon BruteBrute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Stars: ✭ 90 (-72.05%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-93.17%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-81.99%)
docker-osmedeusDocker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 78 (-75.78%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-94.1%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-78.57%)
toolsTools used for Penetration testing / Red Teaming
Stars: ✭ 63 (-80.43%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-92.24%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+29.81%)