PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+1584%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (+72%)
k8s-demosDemo scripts for Kubernetes built-in controllers
Stars: ✭ 29 (+16%)
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
Stars: ✭ 25 (+0%)
hackipyHacking, pen-testing, and cyber-security related tools built with Python.
Stars: ✭ 26 (+4%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (+168%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (+648%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (+84%)
learnRECON learn: a free, open platform for training material on epidemics analysis
Stars: ✭ 33 (+32%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (+156%)
ldap2jsonThe ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Stars: ✭ 56 (+124%)
Python-For-Ethical-HackingThis is a complete project series on implementing hacking tools available in Kali Linux into python.
Stars: ✭ 29 (+16%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+392%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (+188%)
scriptsSmall, useful platform-agnostic scripts (mostly just for Linux) that don't justify having their own repo
Stars: ✭ 25 (+0%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (+112%)
dotPersonal and professional dotfiles to setup my personal workspace on any Debian/Ubuntu system. Also available as rwxrob/workspace container.
Stars: ✭ 152 (+508%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+236%)
client-javaAsynchronous client for Java-based agents
Stars: ✭ 17 (-32%)
nozakiHTTP fuzzer engine security oriented
Stars: ✭ 37 (+48%)
PythonPython Powered Repository
Stars: ✭ 17 (-32%)
XboxDevInformation about XboxDev and issue tracker for the entire XboxDev ecosystem
Stars: ✭ 64 (+156%)
daily-commonspeak2commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. Please use it instead: https://github.com/assetnote/wordlists
Stars: ✭ 38 (+52%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (+176%)
gf-patternsCollection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf
Stars: ✭ 27 (+8%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (+132%)
shaniaScan secrets from Continuous Integration Build Logs
Stars: ✭ 54 (+116%)
cisco-cheatsheetA Cisco Cheatsheet: Commands and Snippets for bootstrapping, boilerplate, configuration, and hardening of Cisco routers and switches.
Stars: ✭ 66 (+164%)
Windows11-OptimizationCommunity repository, to improve security and performance of Windows 10 and windows 11 with tweaks, commands, scripts, registry keys, configuration, tutorials and more
Stars: ✭ 17 (-32%)
poweruser💪 Collection of tips, tricks and scripts for becoming a true poweruser
Stars: ✭ 21 (-16%)
easyreconTool to automate recon
Stars: ✭ 37 (+48%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-44%)
game-modesManiaplanet scripts and resources
Stars: ✭ 24 (-4%)
binanother scripts repo
Stars: ✭ 18 (-28%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (+28%)
fdnssearchSwiftly search FDNS datasets from Rapid7 Open Data
Stars: ✭ 19 (-24%)
recon exElixir wrapper for Recon, tools to diagnose Erlang VM safely in production
Stars: ✭ 55 (+120%)
doraFind exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (+816%)
pyiocutilsA collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
Stars: ✭ 18 (-28%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (+1016%)
BurpSQLTruncSannerMessy BurpSuite plugin for SQL Truncation vulnerabilities.
Stars: ✭ 53 (+112%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+376%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-8%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (+712%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (+1180%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+1160%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (+440%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+732%)