FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+7191.03%)
PerfusionExploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
Stars: ✭ 272 (+248.72%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (+600%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+4784.62%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-32.05%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+457.69%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (+239.74%)
Esp Rfid ToolA tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.
Stars: ✭ 262 (+235.9%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+7098.72%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+453.85%)
Zio Tls Http100% non-blocking, Java NIO only( inspired by zio-nio) , JSON HTTP server based on Scala ZIO library. Everything including TLS encryption modeled as ZIO effects, convenient route DSL similar to https4s, up to 30K TPS local JSON transaction with 25 threads on 6 cores(i7) with ZIO fibers.
Stars: ✭ 71 (-8.97%)
NeedleThe iOS Security Testing Framework
Stars: ✭ 1,122 (+1338.46%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-43.59%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+8537.18%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+447.44%)
Vipermetasploit-framework 图形界面 / 图形化内网渗透工具
Stars: ✭ 487 (+524.36%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+228.21%)
docker-osmedeusDocker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 78 (+0%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+994.87%)
OscpMy OSCP journey
Stars: ✭ 50 (-35.9%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-71.79%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-76.92%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+985.9%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (+8.97%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-12.82%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+893.59%)
Ansible PlaybooksAnsible playbook collection that have been written for Ubuntu. Some of the playbooks are Elasticsearch, Mesos, AWS, MySql, Sensu, Nginx etc..
Stars: ✭ 429 (+450%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-21.79%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+546.15%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-38.46%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-67.95%)
cassandra-ldapLDAP Authenticator for Apache Cassandra
Stars: ✭ 20 (-74.36%)
LdaptiveA simple, extensible Java API for interacting with LDAP servers
Stars: ✭ 43 (-44.87%)
FoureyeAV Evasion Tool For Red Team Ops
Stars: ✭ 421 (+439.74%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+443.59%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-70.51%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (+443.59%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+442.31%)
Eloquent LdapA Laravel 5.1 package that first tries to log the user against the internal database if that fails, it tries against the configured LDAP/AD server.
Stars: ✭ 19 (-75.64%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-20.51%)
Ldapperldapper — a hassle-free Python LDAP ORM for getting real work done
Stars: ✭ 43 (-44.87%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+437.18%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-1.28%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+530.77%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-7.69%)
docker-lemonldapDocker LemonLDAP-NG Image w/S6 overlay, Zabbix Monitoring based on Debian or Alpine
Stars: ✭ 20 (-74.36%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+970.51%)
account-toolAccount Tool to Manage LDAP Accounts
Stars: ✭ 25 (-67.95%)
CVE-2020-0688-ScannerQuick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.
Stars: ✭ 38 (-51.28%)
MilkyA .NET Standard library for pentesting web apps against credential stuffing attacks.
Stars: ✭ 49 (-37.18%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (+437.18%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+874.36%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (+437.18%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+433.33%)
KeyloggerA simple keylogger for Windows, Linux and Mac
Stars: ✭ 1,007 (+1191.03%)
RoothelperA Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
Stars: ✭ 416 (+433.33%)