TigersharkBilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.
Stars: ✭ 212 (-12.4%)
DartDART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
Stars: ✭ 207 (-14.46%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-87.19%)
LnkupGenerates malicious LNK file payloads for data exfiltration
Stars: ✭ 205 (-15.29%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1500.41%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-93.8%)
adalancheActive Directory ACL Visualizer and Explorer - who's really Domain Admin?
Stars: ✭ 862 (+256.2%)
aws-wafDeep Security's APIs make it simple to integration with a variety of AWS Services
Stars: ✭ 42 (-82.64%)
giggerGit folder digger, I'm sure it's worthwhile stuff.
Stars: ✭ 39 (-83.88%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-84.3%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-22.73%)
autoindexPHP - Automatically add an "index.php" in all directories recursively
Stars: ✭ 25 (-89.67%)
apachrotApache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Stars: ✭ 21 (-91.32%)
xforwardyHost Header Injection Scanner
Stars: ✭ 32 (-86.78%)
toolsTools used for Penetration testing / Red Teaming
Stars: ✭ 63 (-73.97%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-94.63%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-55.79%)
DDTTXDDTTX Tabletop Trainings
Stars: ✭ 22 (-90.91%)
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (-77.69%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-86.36%)
webreconAutomated Web Recon Shell Scripts
Stars: ✭ 48 (-80.17%)
Python-KeyloggerPython Tutorial - || Advanced Keylogger || Code Walk-through || Hacking/Info-Sec ||
Stars: ✭ 55 (-77.27%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-75.21%)
tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-85.12%)
Pe LinuxLinux Privilege Escalation Tool By WazeHell
Stars: ✭ 168 (-30.58%)
polscanZero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (-76.45%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (-22.73%)
SmmExploitThe report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.
Stars: ✭ 98 (-59.5%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (-61.57%)
pyhtoolsA Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.
Stars: ✭ 166 (-31.4%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-33.06%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-92.98%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (-77.69%)
aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (-70.25%)
DNSExplorerBash script that automates the enumeration of domains and DNS servers in the active information gathering.
Stars: ✭ 33 (-86.36%)
GoPhish-TemplatesGoPhish Templates that I have retired and/or templates I've recreated.
Stars: ✭ 76 (-68.6%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (-76.03%)
nozzlrNozzlr is a bruteforce framework, trully modular and script-friendly
Stars: ✭ 60 (-75.21%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (-43.8%)
mec-ngpentest toolbox
Stars: ✭ 28 (-88.43%)
Print My ShellPython script wrote to automate the process of generating various reverse shells.
Stars: ✭ 140 (-42.15%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-30.99%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-68.18%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+653.72%)
mapi-action🤖 Run a Mayhem for API scan in GitHub Actions
Stars: ✭ 16 (-93.39%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+696.69%)
posteeSimple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.
Stars: ✭ 160 (-33.88%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-45.04%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-47.52%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-86.36%)
shaniaScan secrets from Continuous Integration Build Logs
Stars: ✭ 54 (-77.69%)
qvm-create-windows-qubeSpin up new Windows qubes quickly, effortlessly and securely on Qubes OS
Stars: ✭ 267 (+10.33%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-78.1%)
AutoPentest-DRLAutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning
Stars: ✭ 196 (-19.01%)
Dark-PhishDark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.
Stars: ✭ 57 (-76.45%)