magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+3314.29%)
EDRHuntScan installed EDRs and AVs on Windows
Stars: ✭ 406 (+2800%)
py4jshellSimulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
Stars: ✭ 86 (+514.29%)
JiraffeOne stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (+1021.43%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (+264.29%)
nozzlrNozzlr is a bruteforce framework, trully modular and script-friendly
Stars: ✭ 60 (+328.57%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (+328.57%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (+564.29%)
challengesSecurity challenges and CTFs created by the Penultimate team.
Stars: ✭ 13 (-7.14%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (+64.29%)
SolveWithStackAndroid library for helping you to reach out to best possible answer for your bug/error available on stack overflow and will show it in your Android Studio Console only.
Stars: ✭ 15 (+7.14%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (+1235.71%)
pitchThe initial conversation slides and menu of scenarios
Stars: ✭ 37 (+164.29%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+492.86%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (+50%)
ESP-BugESP8266 based WiFi implant to remotely track the presence of certain people or devices via a simple web interface
Stars: ✭ 78 (+457.14%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+6321.43%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+221.43%)
rustpadMulti-threaded Padding Oracle attacks against any service. Written in Rust.
Stars: ✭ 75 (+435.71%)
sgCheckupsgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
Stars: ✭ 77 (+450%)
Discord-Block-BypassSimple script that utilities discord's flaw in detecting who blocked who.
Stars: ✭ 24 (+71.43%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+1950%)
doraFind exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (+1535.71%)
bulkssrfTests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.
Stars: ✭ 35 (+150%)
flaskbombGZip HTTP Bombing in Python for everyone
Stars: ✭ 30 (+114.29%)
adalancheActive Directory ACL Visualizer and Explorer - who's really Domain Admin?
Stars: ✭ 862 (+6057.14%)
Start-Menu-ManagerApp to add websites/software/files/folders/scripts to the Windows 10 Start Menu and Taskbar, and priority shortcuts to Windows 10 Search.
Stars: ✭ 126 (+800%)
Android-LDoSNo description or website provided.
Stars: ✭ 15 (+7.14%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+1385.71%)
Python-KeyloggerPython Tutorial - || Advanced Keylogger || Code Walk-through || Hacking/Info-Sec ||
Stars: ✭ 55 (+292.86%)
ronin-supportA support library for Ronin. Like activesupport, but for hacking!
Stars: ✭ 23 (+64.29%)
DDTTXDDTTX Tabletop Trainings
Stars: ✭ 22 (+57.14%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+800%)
honeykuA Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).
Stars: ✭ 56 (+300%)
wildpwnunix wildcard attacks
Stars: ✭ 119 (+750%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (+92.86%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (+464.29%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (+878.57%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (+692.86%)
termux-snippetsAn integrated tool and a collection of snippets which helps in the various aspects of the terminal.
Stars: ✭ 28 (+100%)
polscanZero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (+307.14%)
fame modulesCommunity modules for FAME
Stars: ✭ 55 (+292.86%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (+150%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (+171.43%)
standards-maintenanceThis repository houses the interactions, consultations and work management to support the maintenance of baselined components of the Consumer Data Right API Standards and Information Security profile.
Stars: ✭ 32 (+128.57%)
react-obfuscateAn intelligent React component to obfuscate any contact link!
Stars: ✭ 87 (+521.43%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+26435.71%)
rawsec-cybersecurity-inventoryAn inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (+992.86%)
aa-policy-validatorValidate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation
Stars: ✭ 42 (+200%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (+664.29%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (+214.29%)
ArgosThis script will automatically set up an OSINT workstation starting from a Ubuntu OS.
Stars: ✭ 73 (+421.43%)