SkaSimple Karma Attack
Stars: ✭ 55 (-98.03%)
Pcwt Stars: ✭ 46 (-98.35%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-95.34%)
SmershSmersh is a pentest oriented collaborative tool used to track the progress of your company's missions.
Stars: ✭ 43 (-98.46%)
FilebusterAn extremely fast and flexible web fuzzer
Stars: ✭ 176 (-93.7%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-98.57%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-95.34%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-98.6%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+202.61%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-95.42%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (-67.55%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-93.77%)
FilterbypassBrowser's XSS Filter Bypass Cheat Sheet
Stars: ✭ 884 (-68.34%)
Nraynray distributed port scanner
Stars: ✭ 125 (-95.52%)
Leviathanwide range mass audit toolkit
Stars: ✭ 862 (-69.13%)
BrutedumBruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
Stars: ✭ 212 (-92.41%)
PurplecloudAn Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
Stars: ✭ 122 (-95.63%)
AvaxAVAX is a small, modern and fast console application for decrypting passwords with certain options.
Stars: ✭ 19 (-99.32%)
Jsql InjectionjSQL Injection is a Java application for automatic SQL database injection.
Stars: ✭ 891 (-68.09%)
Faitagram(Doesn't work anymore)
Stars: ✭ 117 (-95.81%)
SsbSecure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server
Stars: ✭ 832 (-70.2%)
FaceboomA Python script for Brute Force Attack On Facebook Account :)
Stars: ✭ 194 (-93.05%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-95.77%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+177.65%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-93.91%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (-72.21%)
Oscp AutomationA collection of personal scripts used in hacking excercises.
Stars: ✭ 118 (-95.77%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-92.26%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (-73.42%)
VulrecVulnerability Recurrence:漏洞复现记录
Stars: ✭ 109 (-96.1%)
Awesome Security GistsA collection of various GitHub gists for hackers, pentesters and security researchers
Stars: ✭ 701 (-74.89%)
SpypiAn (un-)ethical hacking-station based on Raspberry Pi and Python
Stars: ✭ 167 (-94.02%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (-75.18%)
OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (-45.7%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+159.53%)
WsuspenduImplement WSUSpendu attack
Stars: ✭ 191 (-93.16%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+146.49%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (-77.18%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-94.05%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (-77.76%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-96.24%)
Pentest EnvPentest environment deployer (kali linux + targets) using vagrant and chef.
Stars: ✭ 610 (-78.15%)
DirstalkModern alternative to dirbuster/dirb
Stars: ✭ 210 (-92.48%)
HackingHa3Mrx Pentesting and Security Hacking
Stars: ✭ 102 (-96.35%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-94.16%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (-61.57%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (-19.38%)
Macro packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (-61.6%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-96.45%)
Pentest WikiPENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Stars: ✭ 2,668 (-4.44%)
DoxycannonA poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (-92.26%)
CloudlistCloudlist is a tool for listing Assets from multiple Cloud Providers.
Stars: ✭ 207 (-92.59%)