WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (-70.93%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (-41.28%)
SqlmapAutomatic SQL injection and database takeover tool
Stars: ✭ 21,907 (+2022.77%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (-22.09%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-63.37%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-46.12%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (-71.22%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+507.56%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+241.18%)
PompemFind exploit tool
Stars: ✭ 786 (-23.84%)
BadpotatoWindows 权限提升 BadPotato
Stars: ✭ 361 (-65.02%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+3088.86%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+718.7%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-65.79%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-47.29%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (-24.81%)
DirbleFast directory scanning and scraping tool
Stars: ✭ 468 (-54.65%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (-66.57%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+444.09%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (-30.72%)
GobusterDirectory/File, DNS and VHost busting tool written in Go
Stars: ✭ 5,356 (+418.99%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (-67.54%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-95.74%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-96.22%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-97.58%)
OscpCollection of things made during my OSCP journey
Stars: ✭ 709 (-31.3%)
NetcatNetCat for Windows
Stars: ✭ 463 (-55.14%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-68.22%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (-50.29%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-96.12%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+307.17%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (-69.28%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+427.62%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-55.14%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (-31.3%)
WeirdaalWeirdAAL (AWS Attack Library)
Stars: ✭ 503 (-51.26%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (-56.49%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+248.45%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (-26.94%)
FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+288.86%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-70.83%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (-6.88%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (-70.93%)
WirespyFramework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Stars: ✭ 293 (-71.61%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-29.75%)
AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (-33.33%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (-57.07%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+451.07%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (-57.85%)