FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-12.83%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+45.29%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-73.15%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-23.45%)
LeakscraperLeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Stars: ✭ 227 (-54.51%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+1699.8%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+268.14%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-28.86%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-60.12%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+161.12%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-67.13%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+0.2%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+45.89%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-83.57%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-73.95%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-69.94%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-68.74%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-62.53%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-64.53%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-61.72%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-61.92%)
JiraffeOne stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (-68.54%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-92.38%)
AutosploitAutomated Mass Exploiter
Stars: ✭ 4,500 (+801.8%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-56.31%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-84.97%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+881.36%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-69.74%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-75.95%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+452.71%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-63.53%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-76.75%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+589.18%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+456.11%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (-22.24%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-56.31%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+9.02%)
FatherLD_PRELOAD rootkit
Stars: ✭ 59 (-88.18%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-76.75%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+605.61%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (-42.48%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+602%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-46.29%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-39.68%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (-35.47%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-14.43%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (-31.46%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-13.63%)
MqueryYARA malware query accelerator (web frontend)
Stars: ✭ 264 (-47.09%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (-32.87%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (-31.86%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (-30.86%)
SqlmapAutomatic SQL injection and database takeover tool
Stars: ✭ 21,907 (+4290.18%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (-23.65%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-18.84%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+945.69%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-19.24%)