Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+388.29%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-71.58%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+0.43%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-60.52%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+295.66%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-30.15%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (-25.81%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-59.22%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-34.06%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+315.62%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+9.33%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-77.22%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+498.26%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-28.85%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (-9.11%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-55.75%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+531.45%)
PwndocPentest Report Generator
Stars: ✭ 417 (-9.54%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-56.18%)
Pentest WikiPENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Stars: ✭ 2,668 (+478.74%)
CalderaAutomated Adversary Emulation Platform
Stars: ✭ 3,126 (+578.09%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (-3.9%)
Icg AutoexploiterbotWordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (-47.51%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-48.37%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (-45.55%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (-38.18%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+520.82%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-69.63%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (-69.63%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-94.58%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-88.5%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+1031.89%)
Zbn安全编排与自动化响应平台
Stars: ✭ 201 (-56.4%)
RubyfuRubyfu, where Ruby goes evil!
Stars: ✭ 228 (-50.54%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-69.2%)
VanquishVanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (-2.6%)
pentesting-notesNotes from OSCP, CTF, security adventures, etc...
Stars: ✭ 38 (-91.76%)
Pentest-Service-EnumerationSuggests programs to run against services found during the enumeration phase of a Pentest
Stars: ✭ 80 (-82.65%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-94.14%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-90.02%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-95.01%)
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (-81.13%)
Vulnhub Ctf WriteupsThis cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Stars: ✭ 368 (-20.17%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (-47.51%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (-12.15%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-20.39%)
huntkitDocker - Ubuntu with a bunch of PenTesting tools and wordlists
Stars: ✭ 51 (-88.94%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-93.93%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-12.15%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+805.21%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-95.23%)
Wahh extrasThe Web Application Hacker's Handbook - Extra Content
Stars: ✭ 428 (-7.16%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-22.13%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-89.15%)