WhatwebNext generation web scanner
Stars: ✭ 3,503 (+3236.19%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+156.19%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+283.81%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+3253.33%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+306.67%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+3175.24%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1637.14%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+229.52%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+263.81%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+351.43%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+380%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+31241.9%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-40.95%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+83.81%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+630.48%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (+10.48%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+491.43%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+706.67%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+6800.95%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (+19.05%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+89.52%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+2101.9%)
Pythempentest framework
Stars: ✭ 1,060 (+909.52%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+8453.33%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+252.38%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+3874.29%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+3863.81%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+272.38%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+268.57%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+281.9%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (+228.57%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+927.62%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+328.57%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-37.14%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+311.43%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+340.95%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (+360.95%)
Ctf DifficultyThis cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
Stars: ✭ 338 (+221.9%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-30.48%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+384.76%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+415.24%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+1089.52%)
HabuHacking Toolkit
Stars: ✭ 635 (+504.76%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (+484.76%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+505.71%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+1080%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+544.76%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+560%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+437.14%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+623.81%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-21.9%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+675.24%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+665.71%)