BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+408.41%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+290.65%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+229.91%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-65.42%)
BackToMeLittle tool made in python to create payloads for Linux, Windows and OSX with unique handler
Stars: ✭ 61 (-42.99%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-53.27%)
Ssh MitmSSH man-in-the-middle tool
Stars: ✭ 1,328 (+1141.12%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (+207.48%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+276.64%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+332.71%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+5535.51%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (+65.42%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+11.21%)
NarthexModular personalized dictionary generator.
Stars: ✭ 156 (+45.79%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-57.01%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (+180.37%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+200.93%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+4476.64%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (+147.66%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+6671.96%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+532.71%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+614.02%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+744.86%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+624.3%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+725.23%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-64.49%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-87.85%)
DNSExplorerBash script that automates the enumeration of domains and DNS servers in the active information gathering.
Stars: ✭ 33 (-69.16%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-73.83%)
reverse-sshStatically-linked ssh server with reverse shell functionality for CTFs and such
Stars: ✭ 548 (+412.15%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-67.29%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-28.04%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-12.15%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+3069.16%)
EastExploits and Security Tools Framework 2.0.1
Stars: ✭ 283 (+164.49%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-16.82%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+320.56%)
VanquishVanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (+319.63%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+342.99%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+1076.64%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-3.74%)
HabuHacking Toolkit
Stars: ✭ 635 (+493.46%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+616.82%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+405.61%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+651.4%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+7144.86%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+798.13%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-36.45%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-16.82%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+930.84%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-19.63%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-76.64%)
xmlrpc-bruteforcerAn XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)
Stars: ✭ 62 (-42.06%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+367.29%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-20.56%)