SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+7105.71%)
LeakscraperLeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Stars: ✭ 227 (+548.57%)
GirshAutomatically spawn a reverse shell fully interactive for Linux or Windows victim
Stars: ✭ 66 (+88.57%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+3862.86%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (+680%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+631.43%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+19562.86%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+757.14%)
DoxycannonA poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (+517.14%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+814.29%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+785.71%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (+637.14%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+885.71%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+877.14%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+991.43%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (+857.14%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+1134.29%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+1097.14%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+1185.71%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+845.71%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+1325.71%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+1305.71%)
HabuHacking Toolkit
Stars: ✭ 635 (+1714.29%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+1254.29%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+2108.57%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+2054.29%)
StracciatellaOpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
Stars: ✭ 171 (+388.57%)
DNSWhotransmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV
Stars: ✭ 47 (+34.29%)
Go BypassGolang Bypass Av Generator template
Stars: ✭ 606 (+1631.43%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+25560%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (+94.29%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+24040%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+3440%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (+134.29%)
Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (+171.43%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (+231.43%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (+208.57%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (+251.43%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (+200%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (+265.71%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (+274.29%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+2482.86%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (+362.86%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (+311.43%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+511.43%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (+445.71%)
LscriptThe LAZY script will make your life easier, and of course faster.
Stars: ✭ 3,056 (+8631.43%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (+288.57%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+17128.57%)
UltimateapplockerbypasslistThe goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+3288.57%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+2197.14%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (+282.86%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+74.29%)
Defeat-Defender-V1.2Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
Stars: ✭ 885 (+2428.57%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+10514.29%)