DeckerDeclarative penetration testing orchestration framework
Stars: ✭ 263 (-52.7%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (-33.81%)
FsocietyA Modular Penetration Testing Framework
Stars: ✭ 259 (-53.42%)
MercureMercure is a tool for security managers who want to train their colleague to phishing.
Stars: ✭ 262 (-52.88%)
Extracttvpasswordstool to extract passwords from TeamViewer memory using Frida
Stars: ✭ 444 (-20.14%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-33.99%)
My TalksList of my talks and workshops: security engineering, applied cryptography, secure software development
Stars: ✭ 261 (-53.06%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+650.54%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-10.07%)
StalkphishStalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (-53.96%)
Vulnerable AdCreate a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360 (-35.25%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (-53.96%)
HOUDINIHundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Stars: ✭ 791 (+42.27%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (-20.5%)
AnymethodlogLog any method call of object in Objective-C
Stars: ✭ 361 (-35.07%)
docker-osmedeusDocker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 78 (-85.97%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-35.43%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-96.04%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (-1.8%)
HacktheworldAn Python Script For Generating Payloads that Bypasses All Antivirus so far .
Stars: ✭ 527 (-5.22%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-10.25%)
Open-source-tools-for-CTIPublic Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (-83.63%)
SitadelWeb Application Security Scanner
Stars: ✭ 360 (-35.25%)
Ssrf vulnerable labThis Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Stars: ✭ 361 (-35.07%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (-63.13%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-84.71%)
Onioff🌰 An onion url inspector for inspecting deep web links.
Stars: ✭ 440 (-20.86%)
Hunter(l)user hunter using WinAPI calls only
Stars: ✭ 359 (-35.43%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-89.03%)
RidrelayEnumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Stars: ✭ 359 (-35.43%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-91.37%)
Dns Rebind ToolkitA front-end JavaScript toolkit for creating DNS rebinding attacks.
Stars: ✭ 435 (-21.76%)
Technical WhitepapersCollection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
Stars: ✭ 359 (-35.43%)
InfosecHouseInfosec resource center for offensive and defensive security operations.
Stars: ✭ 61 (-89.03%)
wifi-deautherA fully automatic wifi deauther coded in Python
Stars: ✭ 25 (-95.5%)
PowerProxyPowerShell SOCKS proxy with reverse proxy capabilities
Stars: ✭ 29 (-94.78%)
domaineratorSimple application written in Go that combines two wordlists and a list of TLDs to form domain names and check if they are already registered.
Stars: ✭ 26 (-95.32%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (-21.76%)
KatanaA Python Tool For google Hacking
Stars: ✭ 355 (-36.15%)
PandorasBoxSecurity tool to quickly audit Public Box files and folders.
Stars: ✭ 56 (-89.93%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (-35.79%)
offensive-docker-vpsCreate a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Stars: ✭ 66 (-88.13%)
remote-code-execution-sampleDemonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.
Stars: ✭ 18 (-96.76%)
HerculesHERCULES is a special payload generator that can bypass antivirus softwares.
Stars: ✭ 526 (-5.4%)
Commando VmComplete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
[email protected] Stars: ✭ 5,030 (+804.68%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-21.76%)
Swap digger swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
Stars: ✭ 354 (-36.33%)
SQLbitJust another script for automatize boolean-based blind SQL injections. (Demo)
Stars: ✭ 30 (-94.6%)
AriaCloudA Docker container for remote penetration testing.
Stars: ✭ 105 (-81.12%)
Threat-Intel-Slack-BotInteractive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack
Stars: ✭ 26 (-95.32%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (-57.73%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-36.15%)
EvilUSBQuick utility to craft executables for pentesting and managing reverse shells
Stars: ✭ 33 (-94.06%)
BruteSploitBruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
Stars: ✭ 26 (-95.32%)
WiFi-ProjectPre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️
Stars: ✭ 22 (-96.04%)