ronin-supportA support library for Ronin. Like activesupport, but for hacking!
Stars: ✭ 23 (-89.2%)
GreconYour Google Recon is Now Automated
Stars: ✭ 119 (-44.13%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1194.84%)
AnsvifA Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-49.77%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+818.31%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-45.54%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-12.21%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-83.57%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (-80.28%)
Lyncsmashlocate and attack Lync/Skype for Business
Stars: ✭ 258 (+21.13%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (-3.76%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (+22.07%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-60.09%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (+27.7%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+38.03%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+1553.05%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+1544.6%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+26.29%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-41.31%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-43.19%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-40.85%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+1853.99%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-26.76%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+2349.77%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+90.14%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+88.26%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+96.71%)
fuzzmostall manner of wordlists
Stars: ✭ 23 (-89.2%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+102.82%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120 (-43.66%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-39.91%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+956.81%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+117.37%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+99.06%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+136.62%)
BrutesploitBruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
Stars: ✭ 424 (+99.06%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+158.69%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+698.12%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+173.71%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+15350.23%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-38.5%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+805.16%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+198.59%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+98.59%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+256.81%)
Packer FuzzerPacker Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Stars: ✭ 753 (+253.52%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+263.85%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+240.38%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+11.74%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (+17.84%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-87.32%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-50.7%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+815.02%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-36.62%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-32.39%)