RmiscoutRMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
Stars: ✭ 296 (-61.81%)
Vuln Web AppsA curated list of vulnerable web applications.
Stars: ✭ 128 (-83.48%)
WhourTool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-97.68%)
inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (-83.61%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+312.65%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+3.74%)
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (-56.13%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-90.97%)
NucleiFast and customizable vulnerability scanner based on simple YAML based DSL.
Stars: ✭ 6,307 (+713.81%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+354.32%)
pentesting-notesNotes from OSCP, CTF, security adventures, etc...
Stars: ✭ 38 (-95.1%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-83.1%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+39.23%)
CelerystalkAn asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
Stars: ✭ 333 (-57.03%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+834.97%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (-75.61%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+30.19%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+24.39%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-59.48%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-84.52%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-79.1%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-50.71%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-77.16%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+255.87%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (-53.55%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-88.52%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (-46.71%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+275.61%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-48%)
RapidpayloadFramework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion
Stars: ✭ 174 (-77.55%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-85.42%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-75.48%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+228.77%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (-44.77%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-75.87%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-92.52%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-73.29%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (-40.26%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-44.9%)
scan-cli-pluginDocker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Stars: ✭ 135 (-82.58%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-97.81%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-41.94%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-81.68%)
quick-scriptsA collection of my quick and dirty scripts for vulnerability POC and detections
Stars: ✭ 73 (-90.58%)
erebusErebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.
Stars: ✭ 72 (-90.71%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-78.45%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (-92.77%)
Bscanan asynchronous target enumeration tool
Stars: ✭ 207 (-73.29%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-94.06%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-16.77%)
AriaCloudA Docker container for remote penetration testing.
Stars: ✭ 105 (-86.45%)
Log4j-RCE-ScannerRemote command execution vulnerability scanner for Log4j.
Stars: ✭ 200 (-74.19%)
HabuHacking Toolkit
Stars: ✭ 635 (-18.06%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-86.45%)