CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+1292.13%)
Dotenv sekretsSeamlessly encrypt/decrypt/edit your rails Dotenv files with the help of the Sekrets gem
Stars: ✭ 25 (-71.91%)
SpoofcheckSimple script that checks a domain for email protections
Stars: ✭ 437 (+391.01%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (+389.89%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-71.91%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+388.76%)
RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
Stars: ✭ 1,109 (+1146.07%)
Cookie crimesRead local Chrome cookies without root or decrypting
Stars: ✭ 434 (+387.64%)
GosecGolang security checker
Stars: ✭ 5,694 (+6297.75%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+385.39%)
Nrf24 PlaysetSoftware tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
Stars: ✭ 73 (-17.98%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+1139.33%)
CspThe Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing confidence and trust among the national Computer Security Incident Response Teams (CSIRTs) of the Member States and for promoting swift and effective operational cooperation.
Stars: ✭ 23 (-74.16%)
CheatsheetsCommunity-sourced cheatsheets
Stars: ✭ 430 (+383.15%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+376.4%)
YlvaCommand line password manager for Unix-like operating systems
Stars: ✭ 23 (-74.16%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (+380.9%)
ChroniclePublic append-only ledger microservice built with Slim Framework
Stars: ✭ 429 (+382.02%)
KauditAlcide Kubernetes Audit Log Analyzer - Alcide kAudit
Stars: ✭ 23 (-74.16%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+379.78%)
NfcgateAn NFC research toolkit application for Android
Stars: ✭ 425 (+377.53%)
SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+928.09%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+376.4%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (+376.4%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-7.87%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-34.83%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+375.28%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (+375.28%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+375.28%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+374.16%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+370.79%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+907.87%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (+371.91%)
Csharp8cheatsheetC# 8 Cheat Sheet, Default Interface Methods, Pattern Matching, Indices and Ranges, Nullable Reference Types, Asynchronous Streams, Caller Expression Attribute ,Static Local Functions, Default in Deconstruction., Alternative Interpolated Verbatim Strings, Using Declarations, Relax Ordering of ref and partial Modifiers, Disposable ref structs, Generic Attributes, Null Coalescing Assignment ,Disposable ref structs
Stars: ✭ 73 (-17.98%)
Pathwar☠️ The Pathwar Project ☠️
Stars: ✭ 58 (-34.83%)
SecretscannerFind secrets and passwords in container images and file systems
Stars: ✭ 895 (+905.62%)
EyeballerConvolutional neural network for analyzing pentest screenshots
Stars: ✭ 416 (+367.42%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+897.75%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+365.17%)
PoweropsPowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
Stars: ✭ 412 (+362.92%)
BrutusA Python-powered exploitation framework and botnet.
Stars: ✭ 17 (-80.9%)
Oscp PwkThis is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.
Stars: ✭ 406 (+356.18%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+1339.33%)
Watf BankWaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
Stars: ✭ 87 (-2.25%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-3.37%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-17.98%)
Kill RouterFerramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.
Stars: ✭ 57 (-35.96%)
Deprecated Patrol Rules AwsA set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance.
Stars: ✭ 16 (-82.02%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (+355.06%)
TelemetrysourcererEnumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (+349.44%)