SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-84%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-84.26%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (-43.74%)
log4shelldetectRapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
Stars: ✭ 40 (-94.84%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-97.16%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-86.45%)
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (+127.61%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-84.52%)
AriaCloudA Docker container for remote penetration testing.
Stars: ✭ 105 (-86.45%)
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Stars: ✭ 109 (-85.94%)
RedTeam toolkitRed Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Stars: ✭ 301 (-61.16%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-98.19%)
Log4j-RCE-ScannerRemote command execution vulnerability scanner for Log4j.
Stars: ✭ 200 (-74.19%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (-1.42%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (-17.42%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (-33.94%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (-17.81%)
GrypeA vulnerability scanner for container images and filesystems
Stars: ✭ 362 (-53.29%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-52.65%)
GasmaskInformation gathering tool - OSINT
Stars: ✭ 518 (-33.16%)
SpicypassA light-weight password manager with a focus on simplicity and security
Stars: ✭ 367 (-52.65%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (-8.77%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-17.94%)
SolhintSolhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.
Stars: ✭ 363 (-53.16%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+438.45%)
KalitorifyTransparent proxy through Tor for Kali Linux OS
Stars: ✭ 513 (-33.81%)
UnsignRemove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)
Stars: ✭ 362 (-53.29%)
Vulnerable AdCreate a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360 (-53.55%)
BluespawnAn Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (-4.9%)
HardeningHardening Ubuntu. Systemd edition.
Stars: ✭ 705 (-9.03%)
SitadelWeb Application Security Scanner
Stars: ✭ 360 (-53.55%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (-33.81%)
RtaRed team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
Stars: ✭ 358 (-53.81%)
Hunter(l)user hunter using WinAPI calls only
Stars: ✭ 359 (-53.68%)
Digispark ScriptsUSB Rubber Ducky type scripts written for the DigiSpark.
Stars: ✭ 629 (-18.84%)
CrlfuzzA fast tool to scan CRLF vulnerability written in Go
Stars: ✭ 354 (-54.32%)
KatanaA Python Tool For google Hacking
Stars: ✭ 355 (-54.19%)
Zeus ScannerAdvanced reconnaissance utility
Stars: ✭ 706 (-8.9%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-34.97%)
W3afw3af: web application attack and audit framework, the open source web vulnerability scanner.
Stars: ✭ 3,804 (+390.84%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-54.19%)
HijackthisA free utility that finds malware, adware and other security threats
Stars: ✭ 349 (-54.97%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-35.48%)
Enum4linux NgA next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Stars: ✭ 349 (-54.97%)
Githack.git 泄漏利用工具,可还原历史版本
Stars: ✭ 501 (-35.35%)
Oss FuzzOSS-Fuzz - continuous fuzzing for open source software.
Stars: ✭ 6,937 (+795.1%)
AttacksurfacemapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Stars: ✭ 702 (-9.42%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (-19.87%)
ShufflednsshuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
Stars: ✭ 498 (-35.74%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (-55.48%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-35.61%)
Whc scan高效强大扫描分析iOS和Android项目里没有使用的类Mac开源工具,清理项目垃圾类,让项目结构干净清爽,升级维护得心应手. Efficient and powerful scanning analysis iOS and Android project no classes used in Mac open source tools, cleaning rubbish class project, make project structure clean and relaxed, upgrade maintenance
Stars: ✭ 342 (-55.87%)