LnkupGenerates malicious LNK file payloads for data exfiltration
Stars: ✭ 205 (+279.63%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (+277.78%)
SQLbitJust another script for automatize boolean-based blind SQL injections. (Demo)
Stars: ✭ 30 (-44.44%)
FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+7331.48%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (+42.59%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (+335.19%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+268.52%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (+457.41%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (+240.74%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+850%)
CintruderCaptcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.
Stars: ✭ 192 (+255.56%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+455.56%)
Stegseek⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️
Stars: ✭ 187 (+246.3%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-1.85%)
WirespyFramework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Stars: ✭ 293 (+442.59%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+4570.37%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (+238.89%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+6420.37%)
EvilUSBQuick utility to craft executables for pentesting and managing reverse shells
Stars: ✭ 33 (-38.89%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+1355.56%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+720.37%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (+94.44%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+9983.33%)
Xerrorfully automated pentesting tool
Stars: ✭ 173 (+220.37%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+6387.04%)
WiFi-ProjectPre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️
Stars: ✭ 22 (-59.26%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-25.93%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (+1224.07%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+10431.48%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+12375.93%)
CVE-2020-0688-ScannerQuick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.
Stars: ✭ 38 (-29.63%)
PspyMonitor linux processes without root permissions
Stars: ✭ 2,470 (+4474.07%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+705.56%)
MX1014MX1014 is a flexible, lightweight and fast port scanner.
Stars: ✭ 79 (+46.3%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (+201.85%)
PerfusionExploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
Stars: ✭ 272 (+403.7%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-18.52%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (+98.15%)
Web2attackWeb hacking framework with tools, exploits by python
Stars: ✭ 152 (+181.48%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (+1212.96%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+705.56%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-59.26%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-11.11%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+700%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (+3.7%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-75.93%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (+1507.41%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+690.74%)
CTF-WriteupsRepository of my CTF writeups
Stars: ✭ 25 (-53.7%)