MockttpPowerful friendly HTTP mock server & proxy
Stars: ✭ 346 (+217.43%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+312.84%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+4392.66%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+9.17%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-67.89%)
MastermindMan in the middle testing
Stars: ✭ 341 (+212.84%)
SmockerSmocker is a simple and efficient HTTP mock server and proxy.
Stars: ✭ 465 (+326.61%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+781.65%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+521.1%)
WiremockuiWiremock UI - Tool for creating mock servers, proxies servers and proxies servers with the option to save the data traffic from an existing API or Site.
Stars: ✭ 38 (-65.14%)
mainMocks Server monorepo
Stars: ✭ 109 (+0%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (+62.39%)
servirtium-javaService Virtualized HTTP - to help service test automation stay fast and consistent
Stars: ✭ 16 (-85.32%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-74.31%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+195.41%)
Gomitmproxygomitmproxy是想用golang语言实现[mitmproxy],实现http(s)代理
Stars: ✭ 337 (+209.17%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+256.88%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+3011.01%)
HabuHacking Toolkit
Stars: ✭ 635 (+482.57%)
Lyrebird移动应用插件化测试工作台
Stars: ✭ 663 (+508.26%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+736.7%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+600.92%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-21.1%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+1055.05%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-1.83%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-29.36%)
toolsTools used for Penetration testing / Red Teaming
Stars: ✭ 63 (-42.2%)
karateTest Automation Made Simple
Stars: ✭ 6,384 (+5756.88%)
mocat🐈 Mocat is a mocking toolbar that allows you to interactively develop and test network requests.
Stars: ✭ 27 (-75.23%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-54.13%)
hackipyHacking, pen-testing, and cyber-security related tools built with Python.
Stars: ✭ 26 (-76.15%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (+143.12%)
ruby-dns-mockDNS mock server written on 💎 Ruby. Mimic any DNS records for your test environment with fake DNS server.
Stars: ✭ 50 (-54.13%)
MockserverMockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and…
Stars: ✭ 3,479 (+3091.74%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (+175.23%)
Ssh Mitmssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation
Stars: ✭ 335 (+207.34%)
KubetapKubectl plugin to interactively proxy Kubernetes Services with ease
Stars: ✭ 297 (+172.48%)
Dev Sidecar开发者边车,github打不开,github加速,git clone加速,git release下载加速,stackoverflow加速
Stars: ✭ 163 (+49.54%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+223.85%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-77.06%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-13.76%)
SharinganSharingan(写轮眼)是一个基于golang的流量录制回放工具,适合项目重构、回归测试等。
Stars: ✭ 617 (+466.06%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+6547.71%)
GsnovaPrivate proxy solution & network troubleshooting tool.
Stars: ✭ 509 (+366.97%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+710.09%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+729.36%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-65.14%)
KarateTest Automation Made Simple
Stars: ✭ 5,497 (+4943.12%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+1026.61%)
ProxifySwiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.
Stars: ✭ 1,153 (+957.8%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-18.35%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+911.93%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+169.72%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+28.44%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+334.86%)
Mockserver Client NodeMockServer javascript client for browsers, Node.js or any grunt build
Stars: ✭ 52 (-52.29%)
Proxy.py⚡⚡⚡Fast, Lightweight, Pluggable, TLS interception capable proxy server focused on Network monitoring, controls & Application development, testing, debugging
Stars: ✭ 1,291 (+1084.4%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-5.5%)