InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+381.01%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-44.94%)
ScapyScapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Stars: ✭ 6,932 (+4287.34%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1300.63%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (-26.58%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+367.72%)
JwtA JWT (JSON Web Token) Encoder & Decoder
Stars: ✭ 107 (-32.28%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+156.33%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-66.46%)
TelemetrysourcererEnumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (+153.16%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-1.27%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+2351.27%)
Backfuzzprotocol fuzzing toolkit
Stars: ✭ 106 (-32.91%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+143.67%)
HoperSecurity tool to trace URL's jumps across the rel links to obtain the last URL
Stars: ✭ 50 (-68.35%)
Rails Security Checklist🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Stars: ✭ 1,265 (+700.63%)
BluespawnAn Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+366.46%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+141.14%)
PytosA Python SDK for Tufin Orchestration Suite
Stars: ✭ 49 (-68.99%)
Myscanmyscan 被动扫描
Stars: ✭ 373 (+136.08%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-33.54%)
Clr MeterpreterThe full story of the CLR implementation of Meterpreter
Stars: ✭ 137 (-13.29%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+1600.63%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-47.47%)
PystatAdvanced Netstat Using Python For Windows
Stars: ✭ 44 (-72.15%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+3202.53%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-10.13%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+538.61%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-34.81%)
UgfraudAn Unsupervised Graph-based Toolbox for Fraud Detection
Stars: ✭ 38 (-75.95%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (+128.48%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-18.99%)
SecuritybotDistributed alerting for the masses!
Stars: ✭ 987 (+524.68%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-36.08%)
KatanaA Python Tool For google Hacking
Stars: ✭ 355 (+124.68%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-77.22%)
TrailscraperA command-line tool to get valuable information out of AWS CloudTrail
Stars: ✭ 352 (+122.78%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-5.7%)
StoqAn open source framework for enterprise level automated analysis.
Stars: ✭ 352 (+122.78%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-77.85%)
Enum4linux NgA next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Stars: ✭ 349 (+120.89%)
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Stars: ✭ 100 (-36.71%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+687.34%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+360.76%)
Repo Security ScannerCLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
Stars: ✭ 977 (+518.35%)
SojoboA binary analysis framework
Stars: ✭ 116 (-26.58%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+354.43%)
Fail2banDaemon to ban hosts that cause multiple authentication errors
Stars: ✭ 6,677 (+4125.95%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-48.1%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (+348.73%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-7.59%)
Edr Testing ScriptTest the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-13.92%)
WynisAudit Windows Security with best Practice
Stars: ✭ 116 (-26.58%)