Haveibeenpwned Zxcvbn Lambda ApiDeploy your own secure API to estimate password strength and check haveibeenpwned for known matches - HTTPS by force, server not required, fire and brimstone sold separately 🔥
Stars: ✭ 57 (-62.5%)
MyriamA vulnerable iOS App with Security Challenges for the Security Researcher inside you.
Stars: ✭ 146 (-3.95%)
EnteletaorMessage Queue & Broker Injection tool
Stars: ✭ 139 (-8.55%)
Hybrid multicloud overlayMutiCloud_Overlay demonstrates a use case of overlay over one or more clouds such as AWS, Azure, GCP, OCI, Alibaba and a vSphere private infrastructure in Hub and spoke topology, point to point topology and in a Single cloud. Overlay protocols IPv6 and IPv4 are independent of underlying infrastructure. This solution can be integrated with encryption and additional security features.
Stars: ✭ 127 (-16.45%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-63.16%)
Audit scriptsScripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (-63.82%)
Firepwned🙏 Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API.
Stars: ✭ 69 (-54.61%)
Fisy FuzzThis is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (-27.63%)
PgenCommand-line passphrase generator
Stars: ✭ 68 (-55.26%)
PasspwnSee if your passwords in pass has been breached.
Stars: ✭ 130 (-14.47%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-55.26%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-28.95%)
PotironPotiron - Normalize, Index and Visualize Network Capture
Stars: ✭ 66 (-56.58%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-6.58%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+5911.18%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-28.95%)
SnifferA Sniffer for Open-WLAN
Stars: ✭ 103 (-32.24%)
MhddosBest DDoS Attack Script Python3, Cyber Attack With 36 Method
Stars: ✭ 55 (-63.82%)
CertifySSL Certificate Manager UI for Windows, powered by Let's Encrypt. Download from certifytheweb.com
Stars: ✭ 1,075 (+607.24%)
Lua Resty Auto SslOn the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt.
Stars: ✭ 1,786 (+1075%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-17.11%)
Macro packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (+605.26%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-3.29%)
Ssl CheckerA tiny NodeJS module to check SSL expiry 🔒
Stars: ✭ 62 (-59.21%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-15.79%)
W13scanPassive Security Scanner (被动式安全扫描器)
Stars: ✭ 1,066 (+601.32%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-30.92%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-65.13%)
FleetA flexible control server for osquery fleets
Stars: ✭ 1,068 (+602.63%)
AutosetupAuto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (-7.89%)
BrambleBramble is a hacking Open source suite.
Stars: ✭ 60 (-60.53%)
Security TxtA proposed standard that allows websites to define security policies.
Stars: ✭ 1,393 (+816.45%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-3.95%)
ConsolemeA Central Control Plane for AWS Permissions and Access
Stars: ✭ 2,631 (+1630.92%)
SilenttrinityAn asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+1062.5%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-33.55%)
PhonesploitA tool for remote ADB exploitation in Python3 for all Machines.
Stars: ✭ 122 (-19.74%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+609.87%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-31.58%)
Vpstoolbox一键安装Trojan-GFW代理,Hexo博客,Nextcloud等應用程式。
Stars: ✭ 1,080 (+610.53%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-32.24%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1108.55%)
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Stars: ✭ 100 (-34.21%)
Pw Pwnage CfworkerDeploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7.8+ billion breached accounts
Stars: ✭ 125 (-17.76%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+6390.79%)
Linux Secureboot KitTool for complete hardening of Linux boot chain with UEFI Secure Boot
Stars: ✭ 54 (-64.47%)
Smargate内网穿透,c++实现,无需公网IP,小巧,易用,快速,安全,最好的多链路聚合(p2p+proxy)模式,不做之一...这才是你真正想要的内网穿透工具!
Stars: ✭ 1,378 (+806.58%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-16.45%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+792.76%)
DragnetYour Social Engineering Sidekick
Stars: ✭ 139 (-8.55%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-18.42%)
PowershellarmouryA PowerShell armoury for penetration testers or other random security guys
Stars: ✭ 99 (-34.87%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-18.42%)
Awesome Cloud SecurityCurated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
Stars: ✭ 98 (-35.53%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-1.32%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-1.97%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1290.79%)