Macro packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (+706.02%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+457.89%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+265.41%)
W13scanPassive Security Scanner (被动式安全扫描器)
Stars: ✭ 1,066 (+701.5%)
Netfabric.hyperlinq High performance LINQ implementation with minimal heap allocations. Supports enumerables, async enumerables, arrays and Span<T>.
Stars: ✭ 479 (+260.15%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-27.07%)
DronesploitDrone pentesting framework console
Stars: ✭ 473 (+255.64%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-60.9%)
GobyAttack surface mapping
Stars: ✭ 446 (+235.34%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (+0.75%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+3581.95%)
Pythempentest framework
Stars: ✭ 1,060 (+696.99%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-27.07%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+239.1%)
OpencvdeviceenumeratorThis repository contains a class that allows the enumeration of video and audio devices in order to get the device IDs that are required to create a VideoCapture object inside OpenCV (in Windows).
Stars: ✭ 48 (-63.91%)
Awesome Test AutomationA curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com
Stars: ✭ 4,712 (+3442.86%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1254.89%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+232.33%)
Pcwt Stars: ✭ 46 (-65.41%)
ThreatingestorExtract and aggregate threat intelligence.
Stars: ✭ 439 (+230.08%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (+227.82%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+227.07%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-6.77%)
GosecGolang security checker
Stars: ✭ 5,694 (+4181.2%)
PystatAdvanced Netstat Using Python For Windows
Stars: ✭ 44 (-66.92%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+221.05%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+224.06%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+455.64%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (+221.8%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1187.97%)
Wahh extrasThe Web Application Hacker's Handbook - Extra Content
Stars: ✭ 428 (+221.8%)
Offport killerThis tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.
Stars: ✭ 40 (-69.92%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (+218.05%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+215.04%)
ToxicAn ncurses-based Tox client (please make pull requests on the development fork: https://github.com/toktok/toxic)
Stars: ✭ 987 (+642.11%)
PwndocPentest Report Generator
Stars: ✭ 417 (+213.53%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-2.26%)
RoothelperA Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
Stars: ✭ 416 (+212.78%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (+639.1%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+211.28%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (-28.57%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+210.53%)
Exein Openwrt PublicOpenwrt 18.06.5 featured with the Exein's security framework
Stars: ✭ 36 (-72.93%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+204.51%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-15.04%)
BluespawnAn Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+454.14%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-21.05%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-45.11%)
NotrulerThe opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
Stars: ✭ 72 (-45.86%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+4622.56%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-9.77%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+447.37%)