Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (+89.86%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (+23.19%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (+55.07%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+2694.2%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (+28.99%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+1023.19%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+1011.59%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-33.33%)
Black WidowGUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124 (+79.71%)
EastExploits and Security Tools Framework 2.0.1
Stars: ✭ 283 (+310.14%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+163.77%)
DNSExplorerBash script that automates the enumeration of domains and DNS servers in the active information gathering.
Stars: ✭ 33 (-52.17%)
VanquishVanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (+550.72%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+1065.22%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (+171.01%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+2543.48%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+411.59%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+571.01%)
Owasp MasvsThe Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
Stars: ✭ 1,030 (+1392.75%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+1244.93%)
BrutusA Python-powered exploitation framework and botnet.
Stars: ✭ 17 (-75.36%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+1381.16%)
ScriptsScripts I use during pentest engagements.
Stars: ✭ 834 (+1108.7%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+1498.55%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+1210.14%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+1379.71%)
PsattackA portable console aimed at making pentesting with PowerShell a little easier.
Stars: ✭ 1,021 (+1379.71%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+11134.78%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+1024.64%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-15.94%)
Intrigue CoreDiscover Your Attack Surface!
Stars: ✭ 1,013 (+1368.12%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+1007.25%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-44.93%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+1001.45%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (-10.14%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (+1323.19%)
Awesome Web Security🐶 A curated list of Web Security materials and resources.
Stars: ✭ 6,623 (+9498.55%)
HtshellsSelf contained htaccess shells and attacks
Stars: ✭ 708 (+926.09%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+1292.75%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+913.04%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+881.16%)
Pathwar☠️ The Pathwar Project ☠️
Stars: ✭ 58 (-15.94%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (+882.61%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+882.61%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+1221.74%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+10401.45%)
Thc Ipv6IPv6 attack toolkit
Stars: ✭ 673 (+875.36%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-10.14%)