QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-82.19%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-39.69%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-92.11%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+821.88%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-75.83%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+1042.62%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-58.27%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-76.84%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-93.26%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-65.9%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-35.24%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-18.07%)
Oxidtools200 TOOLS BY 0XID4FF0X FOR TERMUX
Stars: ✭ 143 (-81.81%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+133.72%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-45.67%)
V8 ArchiveDirectus Database API — Wraps Custom SQL Databases with a REST/GraphQL API
Stars: ✭ 486 (-38.17%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-37.4%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-35.88%)
Go SqlbuilderA flexible and powerful SQL string builder library plus a zero-config ORM.
Stars: ✭ 539 (-31.42%)
QbThe database toolkit for go
Stars: ✭ 524 (-33.33%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-31.17%)
EralchemyEntity Relation Diagrams generation tool
Stars: ✭ 767 (-2.42%)
Db DumperDump the contents of a database
Stars: ✭ 744 (-5.34%)
EvolveDatabase migration tool for .NET and .NET Core projects. Inspired by Flyway.
Stars: ✭ 477 (-39.31%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+697.71%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (-28.24%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (-2.42%)
Mycat2MySQL Proxy using Java NIO based on Sharding SQL,Calcite ,simple and fast
Stars: ✭ 750 (-4.58%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+614.38%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+4086.9%)
OpenrecordMake ORMs great again!
Stars: ✭ 474 (-39.69%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (-2.8%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-29.26%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (-29.9%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-25.83%)
Hibernate SpringbootCollection of best practices for Java persistence performance in Spring Boot applications
Stars: ✭ 589 (-25.06%)
TrdsqlCLI tool that can execute SQL queries on CSV, LTSV, JSON and TBLN. Can output to various formats.
Stars: ✭ 593 (-24.55%)
FluentpdoA PHP SQL query builder using PDO
Stars: ✭ 783 (-0.38%)
Gofamily🔥 大厂 BAT 面试高频知识点,后端技术体系。包含了 C GO Python, 网络,Redis ,MySQL ,消息队列 ,高并发,微服务,缓存,操作系统,算法,LeetCode 刷题等知识
Stars: ✭ 474 (-39.69%)
DawsAdvanced Web Shell
Stars: ✭ 551 (-29.9%)
Yearning🐳 A most popular sql audit platform for mysql
Stars: ✭ 5,963 (+658.65%)
Github DsA collection of Ruby libraries for working with SQL on top of ActiveRecord's connection
Stars: ✭ 597 (-24.05%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (-3.31%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-7.76%)
Beekeeper StudioModern and easy to use SQL client for MySQL, Postgres, SQLite, SQL Server, and more. Linux, MacOS, and Windows.
Stars: ✭ 8,053 (+924.55%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (-7.38%)
SqlinjectionwikiA wiki focusing on aggregating and documenting various SQL injection methods
Stars: ✭ 623 (-20.74%)
LucidAdonisJS official SQL ORM. Supports PostgreSQL, MySQL, MSSQL, Redshift, SQLite and many more
Stars: ✭ 613 (-22.01%)
HabuHacking Toolkit
Stars: ✭ 635 (-19.21%)
UsqlUniversal command-line interface for SQL databases
Stars: ✭ 6,869 (+773.92%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (-22.77%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-19.08%)
SqlancerDetecting Logic Bugs in DBMS
Stars: ✭ 672 (-14.5%)