magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+592.75%)
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: ✭ 183 (+165.22%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+634.78%)
scan-cli-pluginDocker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Stars: ✭ 135 (+95.65%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+1023.19%)
Vuln Web AppsA curated list of vulnerable web applications.
Stars: ✭ 128 (+85.51%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+171.01%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1455.07%)
SecExampleJAVA 漏洞靶场 (Vulnerability Environment For Java)
Stars: ✭ 228 (+230.43%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+356.52%)
iskanKubernetes Native, Runtime Container Image Scanning
Stars: ✭ 35 (-49.28%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-34.78%)
WordpresscanWPScan rewritten in Python + some WPSeku ideas
Stars: ✭ 456 (+560.87%)
inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (+84.06%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (+63.77%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+72.46%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+1053.62%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+1311.59%)
SdwannewhopeSD-WAN security and insecurity
Stars: ✭ 141 (+104.35%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+12717.39%)
Jira-LensFast and customizable vulnerability scanner For JIRA written in Python
Stars: ✭ 185 (+168.12%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-44.93%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (+95.65%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+142.03%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+426.09%)
Go DorkThe fastest dork scanner written in Go.
Stars: ✭ 274 (+297.1%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+498.55%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+78.26%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (+65.22%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+30.43%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (+121.74%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+60.87%)
OpenVAS-DockerA Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-76.81%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+3692.75%)
bhedakA replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
Stars: ✭ 77 (+11.59%)
ochrona-cliA command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
Stars: ✭ 46 (-33.33%)
awesome-scriptsSet of scripts that can do awesome stuff for developers
Stars: ✭ 16 (-76.81%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (-53.62%)
SBDStatic Binary Deployer. Download and deploy *Nix utilities on a compromised system.
Stars: ✭ 23 (-66.67%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-37.68%)
ospdOSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)
Stars: ✭ 32 (-53.62%)
bash-tplA smart, lightweight shell script templating engine, written in Bash
Stars: ✭ 26 (-62.32%)
dr checker 4 linuxPort of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel
Stars: ✭ 34 (-50.72%)
ructfe-2019RuCTFE 2019. Developed with ♥ by HackerDom team
Stars: ✭ 24 (-65.22%)
imgurbash2A shell script that uploads/deletes images to/from IMGUR.
Stars: ✭ 41 (-40.58%)
terraform-installerInstaller for HashiCorp Terraform - Automatic Download, Extract and Install of Latest or Specific Version
Stars: ✭ 74 (+7.25%)
dependency-check-pluginJenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+55.07%)
scriptsCollection of useful scripts for Linux (git, docker, LUKS, Archlinux...)
Stars: ✭ 36 (-47.83%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (+84.06%)
syszAn fzf terminal UI for systemctl
Stars: ✭ 1,258 (+1723.19%)
motivate⚡ motivate ⚡ - A simple script to print random motivational quotes. Highly influenced by linux command fortune.
Stars: ✭ 24 (-65.22%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+20.29%)
termux-archYou can use setupTermuxArch.sh 📲 to install Arch Linux in Termux on Android and Chrome. This setup script will attempt to set Arch Linux up in your Termux environment.
Stars: ✭ 25 (-63.77%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (-15.94%)