PrintspooferAbusing Impersonation Privileges on Windows 10 and Server 2019
Stars: ✭ 613 (+1035.19%)
ivreNetwork recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (+4922.22%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+561.11%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+1446.3%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (+0%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+1022.22%)
sharinganOffensive Security recon tool
Stars: ✭ 88 (+62.96%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+540.74%)
OscpMy OSCP journey
Stars: ✭ 50 (-7.41%)
SQLbitJust another script for automatize boolean-based blind SQL injections. (Demo)
Stars: ✭ 30 (-44.44%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (-11.11%)
porteyeDetect alive host and open port .
Stars: ✭ 17 (-68.52%)
SilverMass scan IPs for vulnerable services
Stars: ✭ 588 (+988.89%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+674.07%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+533.33%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-53.7%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+1442.59%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+159.26%)
CelerystalkAn asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
Stars: ✭ 333 (+516.67%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+444.44%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+935.19%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (+7.41%)
NatlasScaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
Stars: ✭ 333 (+516.67%)
Grab.jsfast TCP banner grabbing with node.js
Stars: ✭ 33 (-38.89%)
cherrymapImport Nmap scans to Cherrytree
Stars: ✭ 37 (-31.48%)
Htrace.shMy simple Swiss Army knife for http/https troubleshooting and profiling.
Stars: ✭ 3,465 (+6316.67%)
PLtools整理一些内网常用渗透小工具
Stars: ✭ 227 (+320.37%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (+42.59%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (+335.19%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+507.41%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+1407.41%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (+500%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (+362.96%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+920.37%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+7681.48%)
Pcwt Stars: ✭ 46 (-14.81%)
CommixAutomated All-in-One OS Command Injection Exploitation Tool.
Stars: ✭ 3,016 (+5485.19%)
EvilUSBQuick utility to craft executables for pentesting and managing reverse shells
Stars: ✭ 33 (-38.89%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (+911.11%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+720.37%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (+94.44%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+5038.89%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+487.04%)
AndroticklerPenetration testing and auditing toolkit for Android apps.
Stars: ✭ 225 (+316.67%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+1388.89%)
WiFi-ProjectPre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️
Stars: ✭ 22 (-59.26%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-25.93%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (+1224.07%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+10431.48%)
CVE-2020-0688-ScannerQuick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.
Stars: ✭ 38 (-29.63%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+705.56%)