ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+409.5%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-3.35%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+545.81%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-44.41%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-46.09%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+446.37%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+114.25%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-63.41%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-76.54%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-49.16%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+124.58%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-70.67%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+883.52%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-24.86%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+374.86%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-7.54%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+438.55%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-60.89%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-1.4%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (-52.79%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+944.97%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+668.16%)
AirgeddonThis is a multi-use bash script for Linux systems to audit wireless networks.
Stars: ✭ 3,830 (+969.83%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+528.77%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-64.25%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-62.29%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-46.93%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+413.13%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-65.08%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-59.78%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-15.08%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-8.38%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-57.54%)
Privilege EscalationThis cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Stars: ✭ 2,117 (+491.34%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-47.49%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+670.39%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-43.02%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-43.02%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+675.14%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-43.58%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-40.22%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (-4.47%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (-29.89%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (-9.5%)
php-reverse-shellPHP shells that work on Linux OS, macOS, and Windows OS.
Stars: ✭ 274 (-23.46%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-33.52%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-87.15%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-25.14%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (-27.37%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-30.17%)