ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+675.93%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (+496.3%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+1490.74%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+1679.63%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+1385.19%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (+903.7%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+7681.48%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+646.3%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+12644.44%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (+911.11%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+907.41%)
AirgeddonThis is a multi-use bash script for Linux systems to audit wireless networks.
Stars: ✭ 3,830 (+6992.59%)
NmapguiAdvanced Graphical User Interface for NMap
Stars: ✭ 318 (+488.89%)
P0wny ShellSingle-file PHP shell
Stars: ✭ 949 (+1657.41%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+10298.15%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+605.56%)
MilkyA .NET Standard library for pentesting web apps against credential stuffing attacks.
Stars: ✭ 49 (-9.26%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+1077.78%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+850%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+15546.3%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-1.85%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+16531.48%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-18.52%)
PompemFind exploit tool
Stars: ✭ 786 (+1355.56%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+842.59%)
RidrelayEnumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Stars: ✭ 359 (+564.81%)
PrintspooferAbusing Impersonation Privileges on Windows 10 and Server 2019
Stars: ✭ 613 (+1035.19%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+1446.3%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+1022.22%)
OscpMy OSCP journey
Stars: ✭ 50 (-7.41%)
SilverMass scan IPs for vulnerable services
Stars: ✭ 588 (+988.89%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+533.33%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+1442.59%)
CelerystalkAn asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
Stars: ✭ 333 (+516.67%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+935.19%)
NatlasScaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
Stars: ✭ 333 (+516.67%)
Grab.jsfast TCP banner grabbing with node.js
Stars: ✭ 33 (-38.89%)
Htrace.shMy simple Swiss Army knife for http/https troubleshooting and profiling.
Stars: ✭ 3,465 (+6316.67%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+507.41%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+1407.41%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (+500%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+920.37%)
Pcwt Stars: ✭ 46 (-14.81%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+1355.56%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+833.33%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+487.04%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+1388.89%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-50%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+1337.04%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+9983.33%)
WeirdaalWeirdAAL (AWS Attack Library)
Stars: ✭ 503 (+831.48%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+12375.93%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+824.07%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-18.52%)
HouseA runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Stars: ✭ 910 (+1585.19%)