DracnmapDracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.
Stars: ✭ 861 (+594.35%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-33.87%)
Ripv6Random IPv6 - circumvents restrictive IP address-based filter and blocking rules
Stars: ✭ 10 (-91.94%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-18.55%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+890.32%)
Network minerNetwork Miner generates a network map by sending SNMP requests (LLDP/CDP/EDP).
Stars: ✭ 25 (-79.84%)
Masscan to nmap基于masscan和nmap的快速端口扫描和指纹识别工具,优化版本(获取标题,页面长度,过滤防火墙)
Stars: ✭ 112 (-9.68%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-36.29%)
Manubulon SnmpSet of Icinga/Nagios plugins to check hosts and hardware with the SNMP protocol.
Stars: ✭ 63 (-49.19%)
Venomvenom - shellcode generator/compiler/handler (metasploit)
Stars: ✭ 904 (+629.03%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+994.35%)
Junos monitoring with healthbotHealthbot configuration examples. Scripts to manage Healthbot. Closed loop automation. Healthbot building blocks description and troubleshooting guide
Stars: ✭ 17 (-86.29%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-37.1%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-3.23%)
NaabuA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Stars: ✭ 1,121 (+804.03%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (+442.74%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+548.39%)
JrdsAnother monitoring application, intentend to be simple to use and extensible.
Stars: ✭ 72 (-41.94%)
YamsA collection of Ansible roles for automating infosec builds.
Stars: ✭ 98 (-20.97%)
PompemFind exploit tool
Stars: ✭ 786 (+533.87%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+848.39%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+525.81%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+525%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+512.9%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-45.16%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+487.1%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-1.61%)
HtshellsSelf contained htaccess shells and attacks
Stars: ✭ 708 (+470.97%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-46.77%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+463.71%)
Win PortfwdPowershell script to setup windows port forwarding using native netsh client
Stars: ✭ 95 (-23.39%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+816.13%)
WpforceWordpress Attack Suite
Stars: ✭ 633 (+410.48%)
BadpodsA collection of manifests that will create pods with elevated privileges.
Stars: ✭ 93 (-25%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (-50%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+412.9%)
Awesome Terminal CommandsAn awesome resource listing and explaining various commonly used *nix commands
Stars: ✭ 109 (-12.1%)
Thc Ipv6IPv6 attack toolkit
Stars: ✭ 673 (+442.74%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+410.48%)
Hscan集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;使用oneforall自动遍历子域名并扫描;
Stars: ✭ 63 (-49.19%)
EternalviewEternalView is an all in one basic information gathering and vulnerability assessment tool
Stars: ✭ 118 (-4.84%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (+400.81%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-50%)
Digispark ScriptsUSB Rubber Ducky type scripts written for the DigiSpark.
Stars: ✭ 629 (+407.26%)
Foolavcfoolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
Stars: ✭ 93 (-25%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+961.29%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (+395.16%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-27.42%)
Nim SmbexecSMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique
Stars: ✭ 59 (-52.42%)
SnmpfwdSNMP Proxy Forwarder
Stars: ✭ 58 (-53.23%)
Black WidowGUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124 (+0%)