DekstereconWeb Application recon automation
Stars: ✭ 109 (-51.77%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-76.55%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+242.92%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (-52.21%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+238.05%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-30.97%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+236.28%)
PhpstanPHP Static Analysis Tool - discover bugs in your code without running it!
Stars: ✭ 10,534 (+4561.06%)
Grauditgrep rough audit - source code auditing tool
Stars: ✭ 747 (+230.53%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-4.42%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+226.99%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+931.86%)
BluespawnAn Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+226.11%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-32.74%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+2679.2%)
ContainersshContainerSSH: Launch containers on demand
Stars: ✭ 195 (-13.72%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-25.66%)
Fb Contriba FindBugs/SpotBugs plugin for doing static code analysis for java code bases
Stars: ✭ 124 (-45.13%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-76.99%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+222.12%)
Apk Meditmemory search and patch tool on debuggable apk without root & ndk
Stars: ✭ 189 (-16.37%)
Fail2banDaemon to ban hosts that cause multiple authentication errors
Stars: ✭ 6,677 (+2854.42%)
KarnSimplifying Seccomp enforcement in containerized or non-containerized apps
Stars: ✭ 104 (-53.98%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-33.63%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-54.42%)
Zeus ScannerAdvanced reconnaissance utility
Stars: ✭ 706 (+212.39%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1188.05%)
SonarjsSonarSource Static Analyzer for JavaScript and TypeScript
Stars: ✭ 696 (+207.96%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-54.42%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-34.07%)
FugaciousOSSSM (awesome). Open source short-term secure messaging
Stars: ✭ 100 (-55.75%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+199.12%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-17.26%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+500.44%)
Perl CriticThe leading static analyzer for Perl. Configurable, extensible, powerful.
Stars: ✭ 149 (-34.07%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-56.19%)
HabuHacking Toolkit
Stars: ✭ 635 (+180.97%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-3.54%)
Security ListPenetrum LLC opensource security tool list.
Stars: ✭ 619 (+173.89%)
SliverAdversary Simulation Framework
Stars: ✭ 1,348 (+496.46%)
Articles Translator📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (+168.14%)
HyugaHyuga 一个用来记录DNS查询和HTTP请求的监控工具。
Stars: ✭ 148 (-34.51%)
Corscanner Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (+165.93%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-57.08%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+165.93%)
Attack monitorEndpoint detection & Malware analysis software
Stars: ✭ 186 (-17.7%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-45.13%)
Openvas ScannerOpen Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+367.26%)
IvaIVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
Stars: ✭ 49 (-78.32%)
ZigdiggityA ZigBee hacking toolkit by Bishop Fox
Stars: ✭ 169 (-25.22%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-46.02%)
Pentest Tools FrameworkPentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Stars: ✭ 48 (-78.76%)
FeramFeram finds & fixes bugs in your commits
Stars: ✭ 122 (-46.02%)