Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-66.17%)
UddupUrls de-duplication tool for better recon.
Stars: ✭ 103 (-48.76%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+257.21%)
Awesome Sec TalksA collected list of awesome security talks
Stars: ✭ 3,411 (+1597.01%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+4445.77%)
Cve Searchcve-search - a tool to perform local searches for known vulnerabilities
Stars: ✭ 1,765 (+778.11%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-68.66%)
Paper collectionAcademic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
Stars: ✭ 710 (+253.23%)
Url TrackerChange monitoring app that checks the content of web pages in different periods.
Stars: ✭ 171 (-14.93%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1201.99%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+573.63%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+251.74%)
Jsfscan.shAutomation for javascript recon in bug bounty.
Stars: ✭ 287 (+42.79%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+1627.86%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-37.31%)
DifuzeFuzzer for Linux Kernel Drivers
Stars: ✭ 285 (+41.79%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-69.65%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+1491.04%)
CloudscraperCloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Stars: ✭ 276 (+37.31%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-38.31%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (+34.83%)
Awesome Security GistsA collection of various GitHub gists for hackers, pentesters and security researchers
Stars: ✭ 701 (+248.76%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (+34.83%)
Jwt Hack🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
Stars: ✭ 172 (-14.43%)
Openvas ScannerOpen Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+425.37%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+4808.46%)
BashfuscatorA fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+243.28%)
Chatterinternet monitoring osint telegram bot for windows
Stars: ✭ 123 (-38.81%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-76.62%)
StalkphishStalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+27.36%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-19.4%)
Project BlackPentest/BugBounty progress control with scanning modules
Stars: ✭ 257 (+27.86%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+575.12%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+237.31%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (-40.8%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-93.53%)
Pcwt Stars: ✭ 46 (-77.11%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-57.21%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-6.97%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-57.71%)
Timeless Timing AttacksA Python implementation that facilitates finding timeless timing attack vulnerabilities.
Stars: ✭ 45 (-77.61%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-50.75%)
FameFAME Automates Malware Evaluation
Stars: ✭ 663 (+229.85%)
remote-code-execution-sampleDemonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.
Stars: ✭ 18 (-91.04%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+407.96%)
swiss-bugbounty-programsList of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland
Stars: ✭ 25 (-87.56%)
Python HoneypotOWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (-20.4%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+3323.88%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-8.96%)
Umbrella androidOpen source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.
Stars: ✭ 171 (-14.93%)
Asset Scanasset-scan是一款适用甲方企业的外网资产周期性扫描监控系统
Stars: ✭ 149 (-25.87%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-51.74%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+220.4%)