ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-48.89%)
orbitaldumpA simple multi-threaded distributed SSH brute-forcing tool written in Python
Stars: ✭ 405 (+200%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-11.11%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-25.19%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (-54.07%)
NmapNmap - the Network Mapper. Github mirror of official SVN repository.
Stars: ✭ 5,792 (+4190.37%)
ldap2jsonThe ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Stars: ✭ 56 (-58.52%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+7641.48%)
GmailBruterV2Simple tool written in python3 to perform limited brute-force attacks on gmail accounts.
Stars: ✭ 264 (+95.56%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+180%)
BlowholeDocker auditing and enumeration script.
Stars: ✭ 21 (-84.44%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-71.85%)
FazPortFazPort is an advanced Perl Port Scanner. Scan and Detect open port in every website(s) you want.
Stars: ✭ 16 (-88.15%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+171.11%)
GoPhish-TemplatesGoPhish Templates that I have retired and/or templates I've recreated.
Stars: ✭ 76 (-43.7%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-14.07%)
mec-ngpentest toolbox
Stars: ✭ 28 (-79.26%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+174.07%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-60.74%)
SecuritybotDistributed alerting for the masses!
Stars: ✭ 987 (+631.11%)
xmlrpc-bruteforcerAn XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)
Stars: ✭ 62 (-54.07%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-34.07%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+2991.11%)
hathiA dictionary attack tool for PostgreSQL and MSSQL
Stars: ✭ 33 (-75.56%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+621.48%)
PUPI🛅 Passwords using personal information
Stars: ✭ 65 (-51.85%)
Easy hackHack the World using Termux
Stars: ✭ 549 (+306.67%)
domhttpxdomhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.
Stars: ✭ 59 (-56.3%)
abruteMulti-threaded AES Brute Force File Decryption
Stars: ✭ 22 (-83.7%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+24277.04%)
d00rSimple directory brute-force tool written with python.
Stars: ✭ 35 (-74.07%)
SitadelWeb Application Security Scanner
Stars: ✭ 360 (+166.67%)
Grab.jsfast TCP banner grabbing with node.js
Stars: ✭ 33 (-75.56%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+20%)
FindUncommonSharesFindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows Domains.
Stars: ✭ 186 (+37.78%)
phan-taint-check-pluginGithub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
Stars: ✭ 21 (-84.44%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (+301.48%)
IMAPLoginTesterA simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.
Stars: ✭ 47 (-65.19%)
WPA2-FritzBox-Pswd-Wordlist-GeneratorThis Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.
Stars: ✭ 22 (-83.7%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1234.81%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-75.56%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+156.3%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+575.56%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-25.19%)
GofetchGoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
Stars: ✭ 543 (+302.22%)
yandi-scannerNetwork Security Vulnerability Scanner
Stars: ✭ 110 (-18.52%)
awesome-rails-securityA curated list of security resources for a Ruby on Rails application
Stars: ✭ 36 (-73.33%)
AclightA script for advanced discovery of Privileged Accounts - includes Shadow Admins
Stars: ✭ 536 (+297.04%)
BackToMeLittle tool made in python to create payloads for Linux, Windows and OSX with unique handler
Stars: ✭ 61 (-54.81%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (-11.85%)
RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
Stars: ✭ 1,109 (+721.48%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (+294.81%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+133.33%)