RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+1.94%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+24.93%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-52.35%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-50.97%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+692.8%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+43.21%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+38.5%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (-84.49%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+1907.2%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-53.74%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+598.61%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-40.17%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (-20.5%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+100.83%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-52.91%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+122.71%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+114.13%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+2240.44%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+144.6%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+111.63%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-95.01%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-78.39%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-75.35%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (-66.48%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+277.84%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-73.13%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-1.66%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+445.43%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (-66.76%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+870.36%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-65.37%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-89.47%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-60.11%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-60.11%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-66.48%)
RPCScanTool to communicate with RPC services and check misconfigurations on NFS shares
Stars: ✭ 53 (-85.32%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-89.75%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-90.58%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+540.44%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-53.19%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-86.7%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-40.72%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (-39.34%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+439.89%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-93.07%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (-61.22%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-91.41%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+929.09%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-20.5%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-92.24%)
LscriptThe LAZY script will make your life easier, and of course faster.
Stars: ✭ 3,056 (+746.54%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-70.08%)
Sec ToolsDocker images for infosec tools
Stars: ✭ 135 (-62.6%)
uberscanSecurity program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
Stars: ✭ 31 (-91.41%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-96.4%)
Txtoolan easy pentesting tool.
Stars: ✭ 246 (-31.86%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-86.15%)