Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-78.33%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (+41.38%)
PhotonIncredibly fast crawler designed for OSINT.
Stars: ✭ 8,332 (+4004.43%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (+108.37%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-26.11%)
CloudfruntA tool for identifying misconfigured CloudFront domains
Stars: ✭ 281 (+38.42%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+397.04%)
OrbitBlockchain Transactions Investigation Tool
Stars: ✭ 278 (+36.95%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-43.84%)
Secretzsecretz, minimizing the large attack surface of Travis CI
Stars: ✭ 279 (+37.44%)
ToxicAn ncurses-based Tox client (please make pull requests on the development fork: https://github.com/toktok/toxic)
Stars: ✭ 987 (+386.21%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+1475.37%)
Iposint⚠️WARNING: This project now become part of https://github.com/j3ssie/Metabigor project
Stars: ✭ 178 (-12.32%)
UgfraudAn Unsupervised Graph-based Toolbox for Fraud Detection
Stars: ✭ 38 (-81.28%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (+33.5%)
Bag Of HoldingAn application to assist in the organization and prioritization of software security activities.
Stars: ✭ 114 (-43.84%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-82.27%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (+31.53%)
AutosintTool to automate common OSINT tasks
Stars: ✭ 150 (-26.11%)
BitmagicBitMagic Library
Stars: ✭ 263 (+29.56%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-82.76%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+1438.92%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-43.84%)
ThreatpinchlookupDocumentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+26.6%)
Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Stars: ✭ 977 (+381.28%)
Misp ModulesModules for expansion services, import and export in MISP
Stars: ✭ 198 (-2.46%)
Radio HackboxPoC tool to demonstrate vulnerabilities in wireless input devices
Stars: ✭ 74 (-63.55%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+108.37%)
CertaintyAutomated cacert.pem management for PHP projects
Stars: ✭ 255 (+25.62%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (+25.62%)
Burp Fofa基于BurpSuite的一款FOFA Pro 插件
Stars: ✭ 113 (-44.33%)
SoteriaPlugin to block compilation when unapproved dependencies are used or code styling does not comply.
Stars: ✭ 36 (-82.27%)
Domain discovery toolThis repository contains the Domain Discovery Tool (DDT) project. DDT is an interactive system that helps users explore and better understand a domain (or topic) as it is represented on the Web.
Stars: ✭ 33 (-83.74%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-26.11%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (+106.9%)
ai-distilleryAutomatically modelling and distilling knowledge within AI. In other words, summarising the AI research firehose.
Stars: ✭ 20 (-90.15%)
NprfNPRF: A Neural Pseudo Relevance Feedback Framework for Ad-hoc Information Retrieval
Stars: ✭ 31 (-84.73%)
ipranges🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft (Azure), Oracle (Cloud) and DigitalOcean with daily updates.
Stars: ✭ 38 (-81.28%)
Snopfsnopf USB password token
Stars: ✭ 113 (-44.33%)
wappylyzerImplementation of Wappalyzer in Python
Stars: ✭ 42 (-79.31%)
XrayguiBuild A GUI For Xray,给Xray造一个GUI控制端。
Stars: ✭ 30 (-85.22%)
Bm25A Python implementation of the BM25 ranking function.
Stars: ✭ 159 (-21.67%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+804.93%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (+106.4%)
youtube-metadataA quick way to gather all the metadata about a video, playlist, or channel from the YouTube API.
Stars: ✭ 58 (-71.43%)
InfogaInfoga - Email OSINT
Stars: ✭ 947 (+366.5%)
PhoneinfogaPhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (+2819.7%)
Nrf24 PlaysetSoftware tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
Stars: ✭ 73 (-64.04%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+104.93%)
EyeballerConvolutional neural network for analyzing pentest screenshots
Stars: ✭ 416 (+104.93%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-37.93%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+103.94%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+103.45%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-64.04%)