ChangemeA default credential scanner.
Stars: ✭ 928 (+736.04%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+118.02%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-75.68%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-77.48%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+400.9%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-81.08%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+13.51%)
PwndocPentest Report Generator
Stars: ✭ 417 (+275.68%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+510.81%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+87.39%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-58.56%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+2998.2%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+3304.5%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-44.14%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (+23.42%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (+51.35%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+3649.55%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+248.65%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+6427.93%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+299.1%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-7.21%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+2384.68%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-19.82%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-61.26%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+27.93%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+252.25%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+2781.08%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+5254.05%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-38.74%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-32.43%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-47.75%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+63.96%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+2400%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-73.87%)
InfoPhishInfoPath Phishing Repo Resource
Stars: ✭ 68 (-38.74%)
introspectorA schema and set of tools for using SQL to query cloud infrastructure.
Stars: ✭ 61 (-45.05%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-30.63%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-47.75%)
xmlrpc-bruteforcerAn XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)
Stars: ✭ 62 (-44.14%)
DcRatA simple remote tool in C#.
Stars: ✭ 709 (+538.74%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-82.88%)
TIGMINTTIGMINT: OSINT (Open Source Intelligence) GUI software framework
Stars: ✭ 195 (+75.68%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+709.91%)
toolkitThe essential toolkit for reversing, malware analysis, and cracking
Stars: ✭ 176 (+58.56%)
DevBrute-A Password Brute ForcerDevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: ✭ 91 (-18.02%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-45.05%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-37.84%)
hathiA dictionary attack tool for PostgreSQL and MSSQL
Stars: ✭ 33 (-70.27%)
standards-maintenanceThis repository houses the interactions, consultations and work management to support the maintenance of baselined components of the Consumer Data Right API Standards and Information Security profile.
Stars: ✭ 32 (-71.17%)
restincodeA memorial site for Hackers and Infosec people who have passed
Stars: ✭ 62 (-44.14%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-45.95%)
frisbeeCollect email addresses by crawling search engine results.
Stars: ✭ 29 (-73.87%)
toolsTools used for Penetration testing / Red Teaming
Stars: ✭ 63 (-43.24%)