Oscp AutomationA collection of personal scripts used in hacking excercises.
Stars: ✭ 118 (+293.33%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (+3206.67%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (+736.67%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+543.33%)
ProcspyPython tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
Stars: ✭ 272 (+806.67%)
MouseMouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.
Stars: ✭ 186 (+520%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+4126.67%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+506.67%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+2433.33%)
Swap digger swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
Stars: ✭ 354 (+1080%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+5980%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+740%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (+456.67%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (+443.33%)
JalescJust Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
Stars: ✭ 152 (+406.67%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (+996.67%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (+286.67%)
IntelspyPerform automated network reconnaissance scans
Stars: ✭ 134 (+346.67%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+6326.67%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+7606.67%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (+373.33%)
Windows Post ExploitationWindows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
Stars: ✭ 296 (+886.67%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (+913.33%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+25740%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+109596.67%)
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+3860%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+563.33%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+1173.33%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+24053.33%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+2763.33%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+2520%)
Androidsdk🐳 Full-fledged Android SDK Docker Image
Stars: ✭ 776 (+2486.67%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+2940%)
PhonesploitUsing open Adb ports we can exploit a Andriod Device
Stars: ✭ 854 (+2746.67%)
SimplyemailEmail recon made fast and easy, with a framework to build on
Stars: ✭ 779 (+2496.67%)
TrapePeople tracker on the Internet: OSINT analysis and research tool by Jose Pino
Stars: ✭ 6,753 (+22410%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+2723.33%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+22356.67%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+2483.33%)
Crazy WeekendMengobati rasa ingin tahu atau kadang hanya iseng
Stars: ✭ 9 (-70%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+2483.33%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+2446.67%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+2703.33%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+2456.67%)
Awesome HackingA curated list of awesome Hacking tutorials, tools and resources
Stars: ✭ 7,756 (+25753.33%)
Packer FuzzerPacker Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Stars: ✭ 753 (+2410%)
Ics Security ToolsTools, tips, tricks, and more for exploring ICS Security.
Stars: ✭ 749 (+2396.67%)
SpeedhackSpeedhack coded in C++, inspired by Cheat Engine's own speedhack.
Stars: ✭ 29 (-3.33%)
CatchmeCatchME - WiFi Fun Box "Having Fun with ESP8266"
Stars: ✭ 28 (-6.67%)
Drv3 Tools(Not actively maintained, use DRV3-Sharp) Tools for extracting and re-injecting files for Danganronpa V3 for PC.
Stars: ✭ 13 (-56.67%)
Venomvenom - shellcode generator/compiler/handler (metasploit)
Stars: ✭ 904 (+2913.33%)
ByobAn open-source post-exploitation framework for students, researchers and developers.
Stars: ✭ 6,949 (+23063.33%)