Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-5.31%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-28.32%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: ✭ 191 (-15.49%)
GvmdGreenbone Vulnerability Manager
Stars: ✭ 140 (-38.05%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+1502.65%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-15.49%)
NebulousadNebulousAD automated credential auditing tool.
Stars: ✭ 158 (-30.09%)
EnumyLinux post exploitation privilege escalation enumeration
Stars: ✭ 210 (-7.08%)
DnsbinThe request.bin of DNS request
Stars: ✭ 157 (-30.53%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-30.97%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-4.42%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-32.74%)
Apk Meditmemory search and patch tool on debuggable apk without root & ndk
Stars: ✭ 189 (-16.37%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-33.63%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1188.05%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-34.07%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-17.26%)
Perl CriticThe leading static analyzer for Perl. Configurable, extensible, powerful.
Stars: ✭ 149 (-34.07%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-3.54%)
HyugaHyuga 一个用来记录DNS查询和HTTP请求的监控工具。
Stars: ✭ 148 (-34.51%)
Attack monitorEndpoint detection & Malware analysis software
Stars: ✭ 186 (-17.7%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-34.96%)
WhispersIdentify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (-70.8%)
ShodanwaveShodanwave is a tool for exploring and obtaining information from Netwave IP Camera.
Stars: ✭ 183 (-19.03%)
Unwebpack SourcemapExtract uncompiled, uncompressed SPA code from Webpack source maps.
Stars: ✭ 176 (-22.12%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-37.17%)
Larastan⚗️ Adds code analysis to Laravel improving developer productivity and code quality.
Stars: ✭ 3,554 (+1472.57%)
AnsibleplaybooksA collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
Stars: ✭ 143 (-36.73%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-19.47%)
WebpocketExploit management framework
Stars: ✭ 142 (-37.17%)
Bundler AuditPatch-level verification for Bundler
Stars: ✭ 2,393 (+958.85%)
SdwannewhopeSD-WAN security and insecurity
Stars: ✭ 141 (-37.61%)
TipStatic program analysis for TIP
Stars: ✭ 140 (-38.05%)
Sonar Pmd☕️ PMD Plugin for SonarQube
Stars: ✭ 139 (-38.5%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-10.18%)
DufflebagSearch exposed EBS volumes for secrets
Stars: ✭ 177 (-21.68%)
ConsolemeA Central Control Plane for AWS Permissions and Access
Stars: ✭ 2,631 (+1064.16%)
Netsec Ps ScriptsCollection of PowerShell network security scripts for system administrators.
Stars: ✭ 139 (-38.5%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-21.68%)
Personal Security Checklist🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021
Stars: ✭ 2,388 (+956.64%)
I18n TasksManage translation and localization with static analysis, for Ruby i18n
Stars: ✭ 1,748 (+673.45%)
VulnfanaticA Binary Ninja plugin for vulnerability research.
Stars: ✭ 203 (-10.18%)
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+952.65%)
Cli🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Stars: ✭ 2,151 (+851.77%)
Clr MeterpreterThe full story of the CLR implementation of Meterpreter
Stars: ✭ 137 (-39.38%)
Dnxfirewalldnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.
Stars: ✭ 174 (-23.01%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+707.08%)
EncpipeThe dum^H^H^Hsimplest encryption tool in the world.
Stars: ✭ 135 (-40.27%)
Honggfuzz RsFuzz your Rust code with Google-developed Honggfuzz !
Stars: ✭ 222 (-1.77%)
Werdlists⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
Stars: ✭ 216 (-4.42%)
Zbn安全编排与自动化响应平台
Stars: ✭ 201 (-11.06%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+811.95%)
ApisecuritybestpracticesResources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
Stars: ✭ 1,745 (+672.12%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+753.1%)
Antiddos System🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!
Stars: ✭ 173 (-23.45%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-41.15%)