OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+228.59%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (-30.72%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+209.88%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-95.74%)
PerfusionExploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
Stars: ✭ 272 (-73.64%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-55.14%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (-31.3%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (-74.32%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (-56.49%)
Lyncsmashlocate and attack Lync/Skype for Business
Stars: ✭ 258 (-75%)
HOUDINIHundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Stars: ✭ 791 (-23.35%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (-75%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-75.19%)
AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (-33.33%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (-57.07%)
docker-osmedeusDocker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 78 (-92.44%)
QuickScanPort scanning and domain utility.
Stars: ✭ 26 (-97.48%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-97.87%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+451.07%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-91.67%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-98.26%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (-57.85%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (-80.14%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-91.76%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (-34.3%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-57.85%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-94.09%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-58.14%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-91.47%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (-19.09%)
ServerscanServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Stars: ✭ 674 (-34.69%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-58.62%)
suiderThis tool will quickly search for exploitable binaries with SUID bit set in Linux and will output the method of exploitation from GTFObins
Stars: ✭ 21 (-97.97%)
wifi-deautherA fully automatic wifi deauther coded in Python
Stars: ✭ 25 (-97.58%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-58.24%)
PowerProxyPowerShell SOCKS proxy with reverse proxy capabilities
Stars: ✭ 29 (-97.19%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (-58.91%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-97.77%)
SQLbitJust another script for automatize boolean-based blind SQL injections. (Demo)
Stars: ✭ 30 (-97.09%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (-58.91%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-92.54%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (-77.23%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-97.38%)
HashtopolisA Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (-19.09%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+566.86%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-59.01%)
EvilUSBQuick utility to craft executables for pentesting and managing reverse shells
Stars: ✭ 33 (-96.8%)
WiFi-ProjectPre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️
Stars: ✭ 22 (-97.87%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (-47.29%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (-59.4%)
CVE-2020-0688-ScannerQuick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.
Stars: ✭ 38 (-96.32%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-89.63%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-59.4%)