XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+1780.65%)
VulrecVulnerability Recurrence:漏洞复现记录
Stars: ✭ 109 (+251.61%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+677.42%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+96.77%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+958.06%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+6187.1%)
Pcwt Stars: ✭ 46 (+48.39%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+39403.23%)
SecExampleJAVA 漏洞靶场 (Vulnerability Environment For Java)
Stars: ✭ 228 (+635.48%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (+87.1%)
Trackray溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Stars: ✭ 1,295 (+4077.42%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+11654.84%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-48.39%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+2612.9%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+358.06%)
NTPDoserNTP Doser is a NTP Amplification DoS/DDoS attack tool for penttesting
Stars: ✭ 96 (+209.68%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (+22.58%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+1009.68%)
exploitsSome of my public exploits
Stars: ✭ 50 (+61.29%)
apachrotApache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Stars: ✭ 21 (-32.26%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (+129.03%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (+35.48%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+290.32%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (+232.26%)
micro-sentryTiny Sentry client with idiomatic wrapper for Angular
Stars: ✭ 100 (+222.58%)
log4jpwnlog4j rce test environment and poc
Stars: ✭ 306 (+887.1%)
EmissarySend notifications on different channels such as Slack, Telegram, Discord etc.
Stars: ✭ 33 (+6.45%)
fleexFleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
Stars: ✭ 181 (+483.87%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+351.61%)
Awesome-HTTPRequestSmugglingA curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
Stars: ✭ 97 (+212.9%)
HackerOne-LessonsTranscribed video lessons of HackerOne to pdf's
Stars: ✭ 104 (+235.48%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+848.39%)
Industrial-Security-Auditing-FrameworkISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (+38.71%)
hackerone-clientAn unofficial wrapper for the HackerOne API
Stars: ✭ 55 (+77.42%)
ScanApiSubdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
Stars: ✭ 34 (+9.68%)
ICUAn Extended, Modulair, Host Discovery Framework
Stars: ✭ 40 (+29.03%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (+93.55%)
h1-cliA CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
Stars: ✭ 30 (-3.23%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (+287.1%)
ipsourcebypassThis Python script can be used to bypass IP source restrictions using HTTP headers.
Stars: ✭ 326 (+951.61%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+258.06%)
VNCPwnVNC pentest tool with bruteforce and ducky script execution features
Stars: ✭ 21 (-32.26%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+3987.1%)
InventusInventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.
Stars: ✭ 80 (+158.06%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (+70.97%)
badcharsBad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.
Stars: ✭ 178 (+474.19%)
report-ngGenerate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
Stars: ✭ 62 (+100%)
PrintNightmare-CVE-2021-34527PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits
Stars: ✭ 73 (+135.48%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (+209.68%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (+74.19%)