NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+199.84%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+773.25%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-76.05%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-96.58%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+164.39%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+481.8%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+259.56%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-86.63%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-61.12%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-73.41%)
Andrax Mobile PentestANDRAX The first and unique Penetration Testing platform for Android smartphones
Stars: ✭ 394 (-38.72%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-71.38%)
Dark-PhishDark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.
Stars: ✭ 57 (-91.14%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (-59.56%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+357.54%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+0.16%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-68.27%)
Icg AutoexploiterbotWordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (-62.36%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-62.99%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+427.37%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-97.82%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+397.36%)
Lyncsmashlocate and attack Lync/Skype for Business
Stars: ✭ 258 (-59.88%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-94.56%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-58.32%)
MercureMercure is a tool for security managers who want to train their colleague to phishing.
Stars: ✭ 262 (-59.25%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-20.84%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-79.63%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-52.72%)
OsintgramOsintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (-51.48%)
AirgeddonThis is a multi-use bash script for Linux systems to audit wireless networks.
Stars: ✭ 3,830 (+495.65%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (-53.34%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-58.16%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (-49.61%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+824.26%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-46.19%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-48.99%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-45.1%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+711.51%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-49.92%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (-24.73%)
DawsAdvanced Web Shell
Stars: ✭ 551 (-14.31%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (-37.01%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-37.01%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+5018.04%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-37.33%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-35.77%)
HackerproAll in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
Stars: ✭ 474 (-26.28%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (-34.37%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-34.21%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (-34.84%)