PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+1049.86%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (-65.97%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (-92.49%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (-51.54%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-95.88%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-97.87%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-94.9%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (-8.56%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-94.2%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (-3.91%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-95.63%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-95.77%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (-70.41%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-92.59%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-79.63%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+22.4%)
Pythempentest framework
Stars: ✭ 1,060 (-62.96%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (-54.02%)
CalderaAutomated Adversary Emulation Platform
Stars: ✭ 3,126 (+9.22%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+265.16%)
Cve 2019 0604cve-2019-0604 SharePoint RCE exploit
Stars: ✭ 91 (-96.82%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (-52.34%)
Aura BotnetA super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.
Stars: ✭ 95 (-96.68%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-96.61%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-96.47%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-92.45%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-96.96%)
VirtualsecconsAn ongoing list of virtual cybersecurity conferences.
Stars: ✭ 113 (-96.05%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-95.95%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-96.33%)
Hackers Tool KitIts a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (-92.63%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-92.52%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-95.6%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (-21.35%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (-55.31%)
XsscopeXSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (-96.4%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (-31.9%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-95.49%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-91.72%)
HackercampEnine boyuna siber güvenlik
Stars: ✭ 149 (-94.79%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-94.76%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-94.62%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-94.3%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (-31.2%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-94.27%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-95.04%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+327.88%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (-94.16%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-94.1%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1.71%)