Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+344%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (+512%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+1160%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+1928%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (+52%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+460%)
ObserverWard 0x727Cross platform community web fingerprint identification tool
Stars: ✭ 529 (+2016%)
scansshFast SSH server and open proxy scanner
Stars: ✭ 26 (+4%)
NMSISNuclei Microcontroller Software Interface Standard Development Repo
Stars: ✭ 24 (-4%)
webcocktailAn automatic and lightweight web application scanning tool for CTF.
Stars: ✭ 28 (+12%)
E200 opensourceThis repository hosts the project for open-source hummingbird E203 RISC processor Core.
Stars: ✭ 1,909 (+7536%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+384%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+468%)
FofaMapFofaMap是一款基于Python3开发的跨平台FOFA数据采集器,支持网站图标查询、批量查询和自定义查询FOFA数据,能够根据查询结果自动去重并生成对应的Excel表格。另外春节特别版还可以调用Nuclei对目标进行漏洞扫描,让你在挖洞路上快人一步。
Stars: ✭ 118 (+372%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (+176%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1812%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (+32%)
NTPDoserNTP Doser is a NTP Amplification DoS/DDoS attack tool for penttesting
Stars: ✭ 96 (+284%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+864%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+4968%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (+848%)
PatatorPatator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Stars: ✭ 2,792 (+11068%)
MyJWTA cli for cracking, testing vulnerabilities on Json Web Token(JWT)
Stars: ✭ 92 (+268%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (+0%)
MimirOSINT Threat Intel Interface - CLI for HoneyDB
Stars: ✭ 104 (+316%)
AxiomThe dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Stars: ✭ 2,424 (+9596%)
RapidRepoPullThe goal of this program is to quickly pull and install repos from its list
Stars: ✭ 40 (+60%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (+380%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (+112%)
RunascsRunasCs - Csharp and open version of windows builtin runas.exe
Stars: ✭ 216 (+764%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+144%)
FazPortFazPort is an advanced Perl Port Scanner. Scan and Detect open port in every website(s) you want.
Stars: ✭ 16 (-36%)
skweezFast website scraper and wordlist generator
Stars: ✭ 49 (+96%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (+764%)
keyscopeKeyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
Stars: ✭ 369 (+1376%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+756%)
nuclei-sdkNuclei RISC-V Software Development Kit
Stars: ✭ 65 (+160%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+11348%)
VNCPwnVNC pentest tool with bruteforce and ducky script execution features
Stars: ✭ 21 (-16%)
Hadoop Attack LibraryA collection of pentest tools and resources targeting Hadoop environments
Stars: ✭ 228 (+812%)
report-ngGenerate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
Stars: ✭ 62 (+148%)
Pentest WikiPENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Stars: ✭ 2,668 (+10572%)
CloudlistCloudlist is a tool for listing Assets from multiple Cloud Providers.
Stars: ✭ 207 (+728%)
DoxycannonA poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (+764%)
mobilehacktoolsA repository for scripting a mobile attack toolchain
Stars: ✭ 61 (+144%)
Hackers Tool KitIts a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (+744%)
flydnsRelated subdomains finder
Stars: ✭ 29 (+16%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+8216%)
Industrial-Security-Auditing-FrameworkISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (+72%)
AzureAD Autologon BruteBrute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Stars: ✭ 90 (+260%)
leetspeekOpen and collaborative content from leet hackers!
Stars: ✭ 11 (-56%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+460%)