tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-95.01%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-91.41%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-20.5%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+100.83%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-96.4%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+12.19%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-89.47%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-56.51%)
Txtoolan easy pentesting tool.
Stars: ✭ 246 (-31.86%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (-66.76%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+929.09%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-86.15%)
revshfuzzA tool for fuzzing for ports that allow outgoing connections
Stars: ✭ 18 (-95.01%)
Okadminfinder3[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
Stars: ✭ 279 (-22.71%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-93.35%)
MS17010EXPLadon Moudle MS17010 Exploit for PowerShell
Stars: ✭ 40 (-88.92%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (-12.19%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+785.87%)
doubletapA very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...
Stars: ✭ 23 (-93.63%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+40.44%)
HackbrowserdataDecrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
Stars: ✭ 3,864 (+970.36%)
HatVenomHatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
Stars: ✭ 84 (-76.73%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (-5.82%)
AirgeddonThis is a multi-use bash script for Linux systems to audit wireless networks.
Stars: ✭ 3,830 (+960.94%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-24.38%)
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
Stars: ✭ 29 (-91.97%)
GetPwdIt's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)
Stars: ✭ 46 (-87.26%)
PerfusionExploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
Stars: ✭ 272 (-24.65%)
Cracker-ToolAll in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
Stars: ✭ 181 (-49.86%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (-24.65%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+235.18%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (-24.93%)
SSRF payload本脚本旨在生成各类畸形URL链接,进行探测使用的payload,尝试绕过服务端ssrf限制。
Stars: ✭ 28 (-92.24%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-2.22%)
kumasia./kumasia php simple backdoor
Stars: ✭ 13 (-96.4%)
WebanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (-13.85%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (-24.65%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-93.91%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (-24.93%)
organonThis program focuses on automating the download, installation and compilation of pentest tools from source
Stars: ✭ 36 (-90.03%)
Mr.sipSIP-Based Audit and Attack Tool
Stars: ✭ 266 (-26.32%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+16.62%)
PyckA collection of useful Python hacking scripts for beginners
Stars: ✭ 334 (-7.48%)
Searpy🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (-71.19%)
behindflareThis tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
Stars: ✭ 14 (-96.12%)
Esp Rfid ToolA tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.
Stars: ✭ 262 (-27.42%)
PhirauteeA proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.
Stars: ✭ 96 (-73.41%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+896.12%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (-27.98%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-30.75%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-90.03%)
Objection📱 objection - runtime mobile exploration
Stars: ✭ 4,404 (+1119.94%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (-3.05%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (-7.2%)