PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-95.11%)
Jenkins Rce😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
Stars: ✭ 262 (-57.33%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+528.34%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-30.46%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (-21.17%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+214.01%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-77.2%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-78.66%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-30.94%)
QuackQuack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.
Stars: ✭ 305 (-50.33%)
Tpt OracleTanel Poder's Troubleshooting & Performance Tools for Oracle Databases
Stars: ✭ 429 (-30.13%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-82.9%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-72.31%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (-72.8%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-70.36%)
HydrafwHydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing
Stars: ✭ 165 (-73.13%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-69.38%)
MouseMouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.
Stars: ✭ 186 (-69.71%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-67.59%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-73.62%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-65.15%)
Cve 2019 07083389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Stars: ✭ 350 (-43%)
OsintgramOsintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (-49.19%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-42.51%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-9.45%)
RubyfuRubyfu, where Ruby goes evil!
Stars: ✭ 228 (-62.87%)
DccwbypassuacWindows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".
Stars: ✭ 227 (-63.03%)
OscpCollection of things made during my OSCP journey
Stars: ✭ 709 (+15.47%)
NorepeatThe norepeat package contains some magical function, tools
Stars: ✭ 111 (-81.92%)
Digispark ScriptsUSB Rubber Ducky type scripts written for the DigiSpark.
Stars: ✭ 629 (+2.44%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-88.76%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-77.2%)
Dark-PhishDark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.
Stars: ✭ 57 (-90.72%)
The Book Of Secret KnowledgeA collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Stars: ✭ 55,582 (+8952.44%)
hackipyHacking, pen-testing, and cyber-security related tools built with Python.
Stars: ✭ 26 (-95.77%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-92.51%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-59.28%)
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (-85.83%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+379.15%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+452.28%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-85.5%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (-51.14%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-50.49%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+473.45%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+579.64%)
Android ExploitsA collection of android Exploits and Hacks
Stars: ✭ 290 (-52.77%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+577.85%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+867.92%)
ToolsSecurity and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Stars: ✭ 1,343 (+118.73%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-83.55%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (-58.96%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+470.52%)