quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-69.05%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+1583.33%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+97.62%)
InfoPhishInfoPath Phishing Repo Resource
Stars: ✭ 68 (+61.9%)
gitls🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
Stars: ✭ 39 (-7.14%)
toolkitThe essential toolkit for reversing, malware analysis, and cracking
Stars: ✭ 176 (+319.05%)
Onioff🌰 An onion url inspector for inspecting deep web links.
Stars: ✭ 440 (+947.62%)
restincodeA memorial site for Hackers and Infosec people who have passed
Stars: ✭ 62 (+47.62%)
jsleaka Go code to detect leaks in JS files via regex patterns
Stars: ✭ 111 (+164.29%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-21.43%)
MalcomMalcom - Malware Communications Analyzer
Stars: ✭ 988 (+2252.38%)
EmissarySend notifications on different channels such as Slack, Telegram, Discord etc.
Stars: ✭ 33 (-21.43%)
APAC-MeetupsA community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
Stars: ✭ 52 (+23.81%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+2011.9%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (+1759.52%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+1240.48%)
Jsfscan.shAutomation for javascript recon in bug bounty.
Stars: ✭ 287 (+583.33%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-9.52%)
qvm-create-windows-qubeSpin up new Windows qubes quickly, effortlessly and securely on Qubes OS
Stars: ✭ 267 (+535.71%)
SimpleKeyloggerSimple Keylogger with smtp to send emails on your account using python works on linux and Windows
Stars: ✭ 32 (-23.81%)
BashfuscatorA fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+1542.86%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-40.48%)
Pwdb-PublicA collection of all the data i could extract from 1 billion leaked credentials from internet.
Stars: ✭ 2,529 (+5921.43%)
PwndocPentest Report Generator
Stars: ✭ 417 (+892.86%)
TIGMINTTIGMINT: OSINT (Open Source Intelligence) GUI software framework
Stars: ✭ 195 (+364.29%)
AndroidSecNotesAn actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.
Stars: ✭ 140 (+233.33%)
StinkyphishMonitor Certificate Transparency Logs For Phishing Domains
Stars: ✭ 25 (-40.48%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (+4.76%)
SubzySubdomain takeover vulnerability checker
Stars: ✭ 287 (+583.33%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (+42.86%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+854.76%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+761.9%)
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-47.62%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (+0%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+1514.29%)
PyIrisPyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (+604.76%)
Cyber-SecurityThis repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.
Stars: ✭ 42 (+0%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+3642.86%)
DnsgenGenerates combination of domain names from the provided input.
Stars: ✭ 389 (+826.19%)
ScanApiSubdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
Stars: ✭ 34 (-19.05%)
BootsyDesigned to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.
Stars: ✭ 33 (-21.43%)
DDTTXDDTTX Tabletop Trainings
Stars: ✭ 22 (-47.62%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+2916.67%)
championscurriculumA training curriculum for teaching information security "champions" within small organisations and helping them conduct a basic assessment. (Work in progress)
Stars: ✭ 18 (-57.14%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+821.43%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+1223.81%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+8169.05%)
nozzlrNozzlr is a bruteforce framework, trully modular and script-friendly
Stars: ✭ 60 (+42.86%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+102.38%)
FameFAME Automates Malware Evaluation
Stars: ✭ 663 (+1478.57%)
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
Stars: ✭ 17 (-59.52%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+7973.81%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-9.52%)
termux-snippetsAn integrated tool and a collection of snippets which helps in the various aspects of the terminal.
Stars: ✭ 28 (-33.33%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+1745.24%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+14050%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (+571.43%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (+2.38%)