Qsfuzzqsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
Stars: ✭ 201 (-20.24%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-59.13%)
Python HoneypotOWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (-36.51%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-60.71%)
Sec Admin分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Stars: ✭ 222 (-11.9%)
Python RansomwarePython Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles
Stars: ✭ 96 (-61.9%)
LinkfinderA python script that finds endpoints in JavaScript files
Stars: ✭ 2,268 (+800%)
BasecrackDecode All Bases - Base Scheme Decoder
Stars: ✭ 196 (-22.22%)
RpcheckuprpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
Stars: ✭ 91 (-63.89%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-40.48%)
Apac ConferencesA community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
Stars: ✭ 90 (-64.29%)
KeydecoderKeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.
Stars: ✭ 236 (-6.35%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-64.68%)
Amitt frameworkRepo replaced by cogsec-collaborative/AMITT
Stars: ✭ 152 (-39.68%)
Sinkholes🐛 Malware Sinkhole List in various formats
Stars: ✭ 84 (-66.67%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+994.44%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-67.86%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (-41.27%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+373.81%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (-14.29%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-71.43%)
WincmdfuWindows one line commands that make life easier, shortcuts and command line fu.
Stars: ✭ 145 (-42.46%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+365.87%)
MiniprintA medium interaction printer honeypot 🍯
Stars: ✭ 177 (-29.76%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+350.79%)
BinsnitchDetect silent (unwanted) changes to files on your system
Stars: ✭ 144 (-42.86%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-75.4%)
CredsleakerCredsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
Stars: ✭ 247 (-1.98%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-76.98%)
AutosetupAuto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (-44.44%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+325.79%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (-30.95%)
YetiYour Everyday Threat Intelligence
Stars: ✭ 1,037 (+311.51%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-81.75%)
Pwdb PublicA collection of all the data i could extract from 1 billion leaked credentials from internet.
Stars: ✭ 2,497 (+890.87%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-83.33%)
Oob ServerA Bind9 server for pentesters to use for Out-of-Band vulnerabilities
Stars: ✭ 125 (-50.4%)
MalcomMalcom - Malware Communications Analyzer
Stars: ✭ 988 (+292.06%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-86.11%)
Chatterinternet monitoring osint telegram bot for windows
Stars: ✭ 123 (-51.19%)
Siem From ScratchSIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab
Stars: ✭ 31 (-87.7%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+1001.19%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+251.59%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+673.41%)
MettaAn information security preparedness tool to do adversarial simulation.
Stars: ✭ 867 (+244.05%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-33.33%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+268.25%)
Awesome Cybersecurity Blueteam💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
Stars: ✭ 2,091 (+729.76%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-93.65%)
Secure DesktopAnti-keylogger/anti-rat application for Windows
Stars: ✭ 201 (-20.24%)
Phish CollectPython script to hunt phishing kits
Stars: ✭ 113 (-55.16%)
IsthislegitDashboard to collect, analyze, and respond to reported phishing emails.
Stars: ✭ 251 (-0.4%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1264.68%)
AutosqliAn automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
Stars: ✭ 222 (-11.9%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-19.84%)
HacktheboxNotes Taken for HTB Machines & InfoSec Community.
Stars: ✭ 167 (-33.73%)
NetsetOperational Security utility and automator.
Stars: ✭ 110 (-56.35%)