ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-98.91%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (-81.74%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (-93.85%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (-50.28%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-92.83%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (-87.17%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-85.02%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-97.85%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-65.22%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-93.68%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-96.36%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (-48.66%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (-6.4%)
Bscanan asynchronous target enumeration tool
Stars: ✭ 207 (-91.62%)
Enum.pyA tool to enumerate network services
Stars: ✭ 23 (-99.07%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (-88.38%)
Stegseek⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️
Stars: ✭ 187 (-92.43%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+193.36%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (-69.47%)
SsrfmapSimple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (-97.98%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (-20.81%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-95.34%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-79.76%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-97.25%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-95.3%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-93.24%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-92.63%)
Offport killerThis tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.
Stars: ✭ 40 (-98.38%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-94.74%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-90.36%)
WebanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (-87.41%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-91.94%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (-83.97%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-84.53%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+153.85%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-79.39%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (-77.37%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (-79.23%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+269.07%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-96.84%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-95.14%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-94.17%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-94.17%)
ExploitsExploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
Stars: ✭ 154 (-93.77%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (-19.15%)
Pwk Oscp Preparation RoadmapRoadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome
Stars: ✭ 142 (-94.25%)
Lctf2017Source code, writeups and exps in LCTF2017.
Stars: ✭ 162 (-93.44%)
Ctf.tfA database of collected CTFs and their solutions.
Stars: ✭ 153 (-93.81%)
Print My ShellPython script wrote to automate the process of generating various reverse shells.
Stars: ✭ 140 (-94.33%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-94.33%)
Web2attackWeb hacking framework with tools, exploits by python
Stars: ✭ 152 (-93.85%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-94.33%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-93.4%)