AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-57.14%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+565.71%)
HtshellsSelf contained htaccess shells and attacks
Stars: ✭ 708 (+574.29%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-59.05%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-79.05%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-86.67%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+424.76%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+513.33%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (+580.95%)
OscpCollection of things made during my OSCP journey
Stars: ✭ 709 (+575.24%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-15.24%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+143.81%)
QuickScanPort scanning and domain utility.
Stars: ✭ 26 (-75.24%)
Jenkins Rce😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
Stars: ✭ 262 (+149.52%)
ToolsSecurity and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Stars: ✭ 1,343 (+1179.05%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-18.1%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (+164.76%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+3574.29%)
Packer FuzzerPacker Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Stars: ✭ 753 (+617.14%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+636.19%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-15.24%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (+159.05%)
TrapePeople tracker on the Internet: OSINT analysis and research tool by Jose Pino
Stars: ✭ 6,753 (+6331.43%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+648.57%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+638.1%)
SimplyemailEmail recon made fast and easy, with a framework to build on
Stars: ✭ 779 (+641.9%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-7.62%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-15.24%)
Kill RouterFerramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.
Stars: ✭ 57 (-45.71%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+8581.9%)
Pi Pwnbox RogueapHomemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Stars: ✭ 798 (+660%)
TorbotDark Web OSINT Tool
Stars: ✭ 821 (+681.9%)
ScriptsScripts I use during pentest engagements.
Stars: ✭ 834 (+694.29%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (+210.48%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (+208.57%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-31.43%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+760.95%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+7282.86%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+789.52%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-76.19%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+248.57%)
Email2phonenumberA OSINT tool to obtain a target's phone number just by having his email address
Stars: ✭ 379 (+260.95%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+4869.52%)
MaryamMaryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (+253.33%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-32.38%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+718.1%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (+726.67%)
PhonesploitUsing open Adb ports we can exploit a Andriod Device
Stars: ✭ 854 (+713.33%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+740.95%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+743.81%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+818.1%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+768.57%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+7946.67%)