AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-99.5%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-98.84%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (-96%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-99.81%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (-94.14%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (-87.32%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (-77.98%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-99.45%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-99.68%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-98.69%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-99.81%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-98.72%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-99.91%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (-97.69%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-99.5%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (-91.3%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (-94.08%)
Privilege EscalationThis cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Stars: ✭ 2,117 (-93.57%)
FeroxbusterA fast, simple, recursive content discovery tool written in Rust.
Stars: ✭ 1,314 (-96.01%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (-95.92%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (-87.35%)
HledgerA reliable, user-friendly Plain Text Accounting tool with command line, terminal and web interfaces.
Stars: ✭ 1,887 (-94.27%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-99.81%)
Chaos🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.
Stars: ✭ 1,168 (-96.45%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-99.6%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-98.7%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-99.71%)
DirstalkModern alternative to dirbuster/dirb
Stars: ✭ 210 (-99.36%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-99.57%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-99.42%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-99.61%)
HellgateLoader CSharpLoad shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (-99.78%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (-98.82%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (-99.23%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (-98.59%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-98.56%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-99.93%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-99.89%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-99.73%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-99.19%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-99.87%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (-89.3%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (-89.36%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (-89.7%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-99.1%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-99.08%)