Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-71.85%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+171.11%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-14.07%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+174.07%)
SecuritybotDistributed alerting for the masses!
Stars: ✭ 987 (+631.11%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (+371.85%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-34.07%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+2991.11%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+621.48%)
TelekillerA Tools Session Hijacking And Stealer Local Passcode Telegram Windows
Stars: ✭ 122 (-9.63%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-23.7%)
Cloud Security AuditA command line security audit tool for Amazon Web Services
Stars: ✭ 68 (-49.63%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+371.11%)
Grab.jsfast TCP banner grabbing with node.js
Stars: ✭ 33 (-75.56%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-49.63%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+368.89%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1234.81%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+575.56%)
C Jwt CrackerJWT brute force cracker written in C
Stars: ✭ 1,282 (+849.63%)
Socialbox TermuxSocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By init__0 for termux on android
Stars: ✭ 324 (+140%)
PantherDetect threats with log data and improve cloud security posture
Stars: ✭ 885 (+555.56%)
PodePode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers
Stars: ✭ 329 (+143.7%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-7.41%)
FuriousGolang IP/port scanner with SYN (stealth) scanning and device manufacturer identification
Stars: ✭ 327 (+142.22%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+554.07%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+138.52%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-36.3%)
OsintgramOsintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (+131.11%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-23.7%)
Digispark ScriptsUSB Rubber Ducky type scripts written for the DigiSpark.
Stars: ✭ 629 (+365.93%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (+354.81%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (+132.59%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1168.89%)
HackdroidAndroid Apps, Roms and Platforms for Pentesting
Stars: ✭ 310 (+129.63%)
Leviathanwide range mass audit toolkit
Stars: ✭ 862 (+538.52%)
CsetCybersecurity Evaluation Tool
Stars: ✭ 304 (+125.19%)
Rails Security Checklist🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Stars: ✭ 1,265 (+837.04%)
BurpdeveltrainingMaterial for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Stars: ✭ 302 (+123.7%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+534.81%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+120%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-2.22%)
Turnscan.jsScanning LAN hosts from Chrome using ICE servers
Stars: ✭ 27 (-80%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+825.19%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+2494.81%)
Wooyunwooyun public information backup
Stars: ✭ 112 (-17.04%)
DotdotpwnDotDotPwn - The Directory Traversal Fuzzer
Stars: ✭ 601 (+345.19%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+6668.15%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+345.19%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+1319.26%)
SilverMass scan IPs for vulnerable services
Stars: ✭ 588 (+335.56%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-23.7%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-51.11%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+4040.74%)