GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-28.49%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-52.33%)
GitmailsAn information gathering tool to collect git commit emails in version control host services
Stars: ✭ 142 (-17.44%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+157.56%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+367.44%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+152.91%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-41.28%)
GoscanInteractive Network Scanner
Stars: ✭ 795 (+362.21%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-1.16%)
PompemFind exploit tool
Stars: ✭ 786 (+356.98%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (-5.23%)
DirmapAn advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
Stars: ✭ 2,127 (+1136.63%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+693.02%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+356.98%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-54.65%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+143.6%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-30.23%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+594.19%)
DeauthdetectorDetect deauthentication frames using an ESP8266
Stars: ✭ 406 (+136.05%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-18.6%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+582.56%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+133.14%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1033.14%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-59.3%)
Firecrack🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Stars: ✭ 157 (-8.72%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-60.47%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+122.09%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-33.14%)
SqlmapAutomatic SQL injection and database takeover tool
Stars: ✭ 21,907 (+12636.63%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-61.63%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+119.77%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-21.51%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+2319.77%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+351.16%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+787.21%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+688.95%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+3816.86%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1208.72%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-43.6%)
NeedleThe iOS Security Testing Framework
Stars: ✭ 1,122 (+552.33%)
RidrelayEnumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Stars: ✭ 359 (+108.72%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-3.49%)
RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
Stars: ✭ 1,109 (+544.77%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+100.58%)
JlscaSide-channel toolkit in Julia
Stars: ✭ 114 (-33.72%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+100.58%)
Nim SmbexecSMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique
Stars: ✭ 59 (-65.7%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (+97.67%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-20.93%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+338.37%)
Put2winScript to automate PUT HTTP method exploitation to get shell
Stars: ✭ 96 (-44.19%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-44.19%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+321.51%)