Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-80.96%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-79.36%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-82.97%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (-16.03%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-77.15%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-75.75%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-83.77%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-73.75%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+245.09%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (+300.2%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+146.09%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+20.44%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+3.61%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+71.14%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-46.29%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-18.84%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+60.72%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+116.23%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-89.38%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+133.27%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+102.2%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-81.96%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-82.16%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-39.68%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+602%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (-32.87%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+261.12%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-77.35%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (-78.36%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-69.94%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-64.53%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-78.96%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-61.92%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-61.72%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-62.53%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (-31.86%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (-30.86%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+456.11%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (-23.65%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-79.76%)
SqlmapAutomatic SQL injection and database takeover tool
Stars: ✭ 21,907 (+4290.18%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+9.02%)
MqueryYARA malware query accelerator (web frontend)
Stars: ✭ 264 (-47.09%)
FatherLD_PRELOAD rootkit
Stars: ✭ 59 (-88.18%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+605.61%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (-42.48%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (-35.47%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-84.97%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+945.69%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-86.37%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-80.16%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (-22.24%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (-31.46%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-25.85%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (-10.02%)