SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-48.26%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+277.11%)
Grauditgrep rough audit - source code auditing tool
Stars: ✭ 747 (+271.64%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-48.76%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+269.15%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+267.66%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-25.37%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-48.76%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+174.13%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+554.73%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+169.15%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-27.36%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-54.73%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-15.42%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+144.78%)
PatrowlhearsPatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-55.72%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+131.84%)
Pyiris BackdoorPyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Stars: ✭ 145 (-27.86%)
PlumhoundBloodhound for Blue and Purple Teams
Stars: ✭ 452 (+124.88%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (+541.79%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+120.4%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+2729.35%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-55.72%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-28.36%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+110.45%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+105.47%)
Bountystrike ShPoor (rich?) man's bug bounty pipeline
Stars: ✭ 168 (-16.42%)
Sinkholes🐛 Malware Sinkhole List in various formats
Stars: ✭ 84 (-58.21%)
UddupUrls de-duplication tool for better recon.
Stars: ✭ 103 (-48.76%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+257.21%)
DnsgenGenerates combination of domain names from the provided input.
Stars: ✭ 389 (+93.53%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+92.54%)
Cs7038 Malware AnalysisCourse Repository for University of Cincinnati Malware Analysis Class (CS[567]038)
Stars: ✭ 378 (+88.06%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (-5.97%)
Paper collectionAcademic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
Stars: ✭ 710 (+253.23%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-60.7%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+80.6%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+859.2%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+71.64%)
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (-61.19%)
Url TrackerChange monitoring app that checks the content of web pages in different periods.
Stars: ✭ 171 (-14.93%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1201.99%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+573.63%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+251.74%)
NucleiFast and customizable vulnerability scanner based on simple YAML based DSL.
Stars: ✭ 6,307 (+3037.81%)
Infosec BadgesBadges for your GitHub tool presented at InfoSec Conference
Stars: ✭ 74 (-63.18%)
Ctf Writeups PublicWriteups for infosec Capture the Flag events by team Galaxians
Stars: ✭ 331 (+64.68%)
Awesome Security GistsA collection of various GitHub gists for hackers, pentesters and security researchers
Stars: ✭ 701 (+248.76%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+4808.46%)
BashfuscatorA fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+243.28%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+575.12%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+237.31%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-50.75%)