Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (+68.52%)
BughoundStatic code analysis tool based on Elasticsearch
Stars: ✭ 124 (+129.63%)
BeFreeWebsite Security, Antivirus & Firewall || a powerful application that can secure your website against hackers, attacks and other incidents of abuse
Stars: ✭ 24 (-55.56%)
Kunpengkunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
Stars: ✭ 1,242 (+2200%)
bentoBento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.
Stars: ✭ 74 (+37.04%)
exploitsSome of my public exploits
Stars: ✭ 50 (-7.41%)
ai-cmsFree and open source Manga CMS (Deprecated!)
Stars: ✭ 35 (-35.19%)
MeltdownLocal Exploit for Meltdown
Stars: ✭ 74 (+37.04%)
ninjaberryNinjaberry: Raspberry Pi UI for @bettercap
Stars: ✭ 39 (-27.78%)
CobraSource Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+5088.89%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+1618.52%)
Grinder🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)
Stars: ✭ 209 (+287.04%)
SubzySubdomain takeover vulnerability checker
Stars: ✭ 287 (+431.48%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+5290.74%)
Chimay RedMikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
Stars: ✭ 63 (+16.67%)
Security ScriptsA collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
Stars: ✭ 188 (+248.15%)
Insecureprogrammingmirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
Stars: ✭ 229 (+324.07%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (+235.19%)
SafetySafety checks your installed dependencies for known security vulnerabilities
Stars: ✭ 982 (+1718.52%)
hikvision-recoverCommand-line tool for generating recovery codes for Hikvision IP Cameras
Stars: ✭ 40 (-25.93%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+200%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+11531.48%)
Go ShodanShodan API client
Stars: ✭ 158 (+192.59%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+237.04%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+3277.78%)
Spectre AttackExample of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
Stars: ✭ 690 (+1177.78%)
Wpscan V3THIS REPOSITORY HAS BEEN MOVED TO https://github.com/wpscanteam/wpscan USE THAT!!!
Stars: ✭ 132 (+144.44%)
netscanA fast TCP port scanner
Stars: ✭ 63 (+16.67%)
Vuln Web AppsA curated list of vulnerable web applications.
Stars: ✭ 128 (+137.04%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (+122.22%)
Securityadvisories🔐 Security advisories as a simple composer exclusion list, updated daily
Stars: ✭ 2,279 (+4120.37%)
MinionsDistributed filesystem scanner
Stars: ✭ 115 (+112.96%)
FuzzapiFuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Stars: ✭ 521 (+864.81%)
Vscan Gogolang version for nmap service and application version detection (without nmap installation)
Stars: ✭ 107 (+98.15%)
weblogic honeypotWebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (-44.44%)
PakalaOffensive vulnerability scanner for ethereum, and symbolic execution tool for the Ethereum Virtual Machine
Stars: ✭ 97 (+79.63%)
PyupA tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
Stars: ✭ 379 (+601.85%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (+46.3%)
WebpocketExploit management framework
Stars: ✭ 142 (+162.96%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+16711.11%)
HoperSecurity tool to trace URL's jumps across the rel links to obtain the last URL
Stars: ✭ 50 (-7.41%)
sandfly-setupSandfly Security Agentless Compromise and Intrusion Detection System For Linux
Stars: ✭ 45 (-16.67%)
SlowhttptestApplication Layer DoS attack simulator
Stars: ✭ 1,003 (+1757.41%)
Commit WatcherFind interesting and potentially hazardous commits in git projects
Stars: ✭ 345 (+538.89%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+1685.19%)
TlsfuzzerSSL and TLS protocol test suite and fuzzer
Stars: ✭ 335 (+520.37%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+1487.04%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (+90.74%)
RopiumROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together
Stars: ✭ 288 (+433.33%)
bWAPPbWAPP latest modified for PHP7
Stars: ✭ 30 (-44.44%)
jawfishTool for breaking into web applications.
Stars: ✭ 84 (+55.56%)
SoteriaPlugin to block compilation when unapproved dependencies are used or code styling does not comply.
Stars: ✭ 36 (-33.33%)
Ssl CheckerPython script that collects SSL/TLS information from hosts
Stars: ✭ 94 (+74.07%)
ekolabsEKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference
Stars: ✭ 47 (-12.96%)