CitadelCollection of pentesting scripts
Stars: ✭ 333 (-67.73%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-97.87%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (-19.28%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-37.6%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (-59.69%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-95.35%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-76.94%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-68.22%)
FrackerPHP function tracker
Stars: ✭ 234 (-77.33%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (-50.29%)
FilesensorDynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具
Stars: ✭ 227 (-78%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (-68.6%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-96.12%)
RogueAn extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Stars: ✭ 225 (-78.2%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+307.17%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-78.88%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (-94.57%)
RoothelperA Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
Stars: ✭ 416 (-59.69%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-98.74%)
SharpattackA simple wrapper for C# tools
Stars: ✭ 211 (-79.55%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (-69.28%)
DecryptteamviewerEnumerate and decrypt TeamViewer credentials from Windows registry
Stars: ✭ 205 (-80.14%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+427.62%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-80.23%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-16.76%)
CTF-WriteupsRepository of my CTF writeups
Stars: ✭ 25 (-97.58%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-80.43%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-69.96%)
WeirdaalWeirdAAL (AWS Attack Library)
Stars: ✭ 503 (-51.26%)
WpforceWordpress Attack Suite
Stars: ✭ 633 (-38.66%)
ToratToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415 (-59.79%)
FacebookBugFacebook Write-ups, PoC, and exploitation codes:
Stars: ✭ 28 (-97.29%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-81.3%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+248.45%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (-81.49%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (-26.94%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-81.59%)
FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+288.86%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-81.88%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+167.25%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-70.83%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (-6.88%)
JwtcatA CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Stars: ✭ 181 (-82.46%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (-70.93%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-82.85%)
WirespyFramework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Stars: ✭ 293 (-71.61%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-29.75%)
ORtesterOpen Redirect scanner - (out of date)
Stars: ✭ 24 (-97.67%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-98.64%)
serverHashtopolis - A Hashcat wrapper for distributed hashcracking
Stars: ✭ 954 (-7.56%)
HouseA runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Stars: ✭ 910 (-11.82%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+783.33%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-38.37%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (-60.76%)
SecurityExplainedSecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
Stars: ✭ 301 (-70.83%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (-72.19%)