Jsql InjectionjSQL Injection is a Java application for automatic SQL database injection.
Stars: ✭ 891 (+443.29%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-21.95%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+407.93%)
Ntlmscanscan for NTLM directories
Stars: ✭ 141 (-14.02%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+396.34%)
SecretaryDEPRECATED Secrets management for dynamic environments
Stars: ✭ 93 (-43.29%)
Attack ToolsUtilities for MITRE™ ATT&CK
Stars: ✭ 810 (+393.9%)
RsfThe Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-53.66%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-45.12%)
Sites Using Cloudflare💔 Archived list of domains using Cloudflare DNS at the time of the CloudBleed announcement.
Stars: ✭ 1,914 (+1067.07%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-29.27%)
Burp Bounty ProfilesBurp Bounty profiles compilation, feel free to contribute!
Stars: ✭ 76 (-53.66%)
SpartySparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]
Stars: ✭ 75 (-54.27%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-23.17%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-18.9%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+830.49%)
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+624.39%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-14.63%)
Redteam vul红队作战中比较常遇到的一些重点系统漏洞整理。
Stars: ✭ 1,271 (+675%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+628.05%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (-30.49%)
UltimateapplockerbypasslistThe goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+623.17%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-45.73%)
Kube Secret SyncerA Kubernetes operator to sync secrets from AWS Secrets Manager
Stars: ✭ 154 (-6.1%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+617.07%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (+332.32%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-45.73%)
Awesome Security GistsA collection of various GitHub gists for hackers, pentesters and security researchers
Stars: ✭ 701 (+327.44%)
Pw Pwnage CfworkerDeploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7.8+ billion breached accounts
Stars: ✭ 125 (-23.78%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+322.56%)
PandasniperLinux C2 框架demo,为期2周的”黑客编程马拉松“,从学习编程语言开始到实现一个demo的产物
Stars: ✭ 159 (-3.05%)
WebhashcatHashcat web interface
Stars: ✭ 151 (-7.93%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-18.9%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-30.49%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-56.1%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-17.68%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (+679.88%)
Nraynray distributed port scanner
Stars: ✭ 125 (-23.78%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+293.29%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-46.95%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+292.68%)
SearchpassA simple tool for offline searching of default credentials for network devices, web applications and more.
Stars: ✭ 159 (-3.05%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+278.66%)
Torus CliA secure, shared workspace for secrets
Stars: ✭ 611 (+272.56%)
Bof RegsaveDumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
Stars: ✭ 85 (-48.17%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-17.07%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+615.85%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-30.49%)
PwnedpasswordsdllOpen source solution to check prospective AD passwords against previously breached passwords
Stars: ✭ 71 (-56.71%)
Pwned Passwords DjangoUtilities for working with the Pwned Passwords database from Django.
Stars: ✭ 71 (-56.71%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-18.29%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-30.49%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-56.71%)
ElpscrkA Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v
Stars: ✭ 113 (-31.1%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+609.76%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-8.54%)