Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-52.42%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+3856.39%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-27.75%)
PwnedPasswordsCheckerSearch (offline) if your password (NTLM or SHA1 format) has been leaked (HIBP passwords list v8)
Stars: ✭ 52 (-77.09%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+119.82%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+648.9%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+88.11%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+120.26%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+125.99%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+258.59%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+68.28%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+77.53%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (+97.8%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+90.31%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+198.24%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+219.38%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+138.33%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+3622.03%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-88.99%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-70.04%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (-15.86%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+474.01%)
Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-58.15%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-53.74%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-44.49%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+63%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+56.39%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+86.78%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+51.98%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+91.63%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+709.25%)
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: ✭ 2,163 (+852.86%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+122.03%)
ScavengerCrawler (Bot) searching for credential leaks on different paste sites.
Stars: ✭ 347 (+52.86%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+2931.72%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+2620.26%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+240.53%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+12485.46%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-18.94%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+290.31%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+52.42%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-62.56%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-63.88%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-57.71%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+440.97%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-45.81%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-46.26%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-65.64%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-40.97%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-36.56%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-33.92%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-28.63%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (+47.58%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+412.78%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-42.29%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+918.5%)