writeupsWriteups for vulnerable machines.
Stars: ✭ 110 (-33.73%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-63.25%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-79.52%)
Riceteacatpandarepo with challenge material for riceteacatpanda (2020)
Stars: ✭ 18 (-89.16%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-46.39%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-80.12%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-92.17%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (-62.65%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-60.24%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-19.28%)
LuciferA Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Stars: ✭ 302 (+81.93%)
pentesting-notesNotes from OSCP, CTF, security adventures, etc...
Stars: ✭ 38 (-77.11%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+449.4%)
echoCTF.REDA platform to develop, run and administer CTF competitions. The online echoCTF.RED platform user interfaces and codebase
Stars: ✭ 33 (-80.12%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-77.71%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-32.53%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+62.05%)
Vipermetasploit-framework 图形界面 / 图形化内网渗透工具
Stars: ✭ 487 (+193.37%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+354.22%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+434.94%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+433.73%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+521.69%)
Msploitego Pentesting suite for Maltego based on data in a Metasploit database
Stars: ✭ 124 (-25.3%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-14.46%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-25.3%)
Web2attackWeb hacking framework with tools, exploits by python
Stars: ✭ 152 (-8.43%)
Chatterinternet monitoring osint telegram bot for windows
Stars: ✭ 123 (-25.9%)
Bof RegsaveDumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
Stars: ✭ 85 (-48.8%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-26.51%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-49.4%)
MaliceVirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (+654.82%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-15.66%)
Destructivefarm📢 🔒 Exploit farm for attack-defense CTF competitions
Stars: ✭ 122 (-26.51%)
Ctf Pwn TipsHere record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
Stars: ✭ 1,249 (+652.41%)
TelekillerA Tools Session Hijacking And Stealer Local Passcode Telegram Windows
Stars: ✭ 122 (-26.51%)
Python HoneypotOWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (-3.61%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-8.43%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+646.39%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-50.6%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-50.6%)
HerakeyloggerChrome Keylogger Extension | Post Exploitation Tool
Stars: ✭ 138 (-16.87%)
PwnablewebPwnableWeb is a suite of web applications for use in information security training.
Stars: ✭ 81 (-51.2%)
Pwn SandboxA sandbox to protect your pwn challenges being pwned in CTF AWD.
Stars: ✭ 81 (-51.2%)
HoundsploitAn advanced graphical search engine for Exploit-DB
Stars: ✭ 81 (-51.2%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-9.64%)
Personal Security Checklist🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021
Stars: ✭ 2,388 (+1338.55%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+914.46%)
WhalescanWhalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container
Stars: ✭ 81 (-51.2%)
DeathstarUses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Stars: ✭ 1,221 (+635.54%)