SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+1554.33%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-89.9%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-85.1%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-8.17%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+726.68%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-72.12%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+2096.39%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+1931.01%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-60.58%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+2025.96%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+1077.16%)
HabuHacking Toolkit
Stars: ✭ 635 (+52.64%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+182.93%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-78.61%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-72.12%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+74.28%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-71.15%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-56.25%)
Hack4Squad💀 A bash hacking and scanning framework.
Stars: ✭ 45 (-89.18%)
BlowholeDocker auditing and enumeration script.
Stars: ✭ 21 (-94.95%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-2.64%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (-8.41%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-92.07%)
sysfetchA super tiny system information fetch script written in BASH
Stars: ✭ 197 (-52.64%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-0.72%)
registrantPython package used for generating HTML reports about the contents of Esri geodatabases.
Stars: ✭ 44 (-89.42%)
yafYet another system fetch that is minimal and customizable
Stars: ✭ 23 (-94.47%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-65.87%)
PwndocPentest Report Generator
Stars: ✭ 417 (+0.24%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-91.35%)
Fwanalyzera tool to analyze filesystem images for security
Stars: ✭ 382 (-8.17%)
indiciumPortable, advanced system information utility
Stars: ✭ 46 (-88.94%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 424 (+1.92%)
StacerLinux System Optimizer and Monitoring - https://oguzhaninan.github.io/Stacer-Web
Stars: ✭ 7,405 (+1680.05%)
phomberPhomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: ✭ 59 (-85.82%)
disfetchYet another *nix distro fetching program, but less complex.
Stars: ✭ 45 (-89.18%)
CTF-WriteupsRepository of my CTF writeups
Stars: ✭ 25 (-93.99%)
humbleA humble, and fast, security-oriented HTTP headers analyzer
Stars: ✭ 17 (-95.91%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-79.33%)
wifi-deautherA fully automatic wifi deauther coded in Python
Stars: ✭ 25 (-93.99%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-9.13%)
WiFi-ProjectPre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️
Stars: ✭ 22 (-94.71%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-94.71%)
OpenVAS-DockerA Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-96.15%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+668.75%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (-34.62%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+652.64%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (-3.61%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (-34.62%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+715.14%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+1154.33%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (-30.77%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (-31.01%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+746.39%)
SystemstatRust library for getting system information
Stars: ✭ 301 (-27.64%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-37.26%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+742.07%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (-27.88%)