Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-95.81%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (-95.7%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (-78.83%)
MooscanA scanner for Moodle LMS
Stars: ✭ 22 (-99.36%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-99.27%)
Sqlivmassive SQL injection vulnerability scanner
Stars: ✭ 840 (-75.57%)
DracnmapDracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.
Stars: ✭ 861 (-74.96%)
WhourTool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-99.48%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (-75.37%)
Scanlessonline port scan scraper
Stars: ✭ 875 (-74.56%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (-74.32%)
WincmdfuWindows one line commands that make life easier, shortcuts and command line fu.
Stars: ✭ 145 (-95.78%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (-76.68%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (-76.62%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (-74.18%)
StargatherA fast GitHub stargazers information gathering tool
Stars: ✭ 30 (-99.13%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-95.81%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+125.41%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-93.78%)
UnimapScan only once by IP address and reduce scan times with Nmap for large amounts of data.
Stars: ✭ 141 (-95.9%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-99.21%)
StrikerStriker is an offensive information and vulnerability scanner.
Stars: ✭ 1,851 (-46.18%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (-73.71%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (-77%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-94.68%)
GoreconGorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal
Stars: ✭ 208 (-93.95%)
OnionsearchOnionSearch is a script that scrapes urls on different .onion search engines.
Stars: ✭ 135 (-96.07%)
InfogaInfoga - Email OSINT
Stars: ✭ 947 (-72.46%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-98.84%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (-70.66%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-98.98%)
Php Antimalware ScannerAMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.
Stars: ✭ 181 (-94.74%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (-71.45%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (-71.42%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-98.95%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-77.14%)
PasktoPaskto - Passive Web Scanner
Stars: ✭ 136 (-96.05%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (-70.17%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-98.66%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-98.63%)
SsrfmapSimple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (-98.55%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (-70.31%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-96.05%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (-70.28%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-98.49%)
RecondogReconnaissance Swiss Army Knife
Stars: ✭ 1,069 (-68.92%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-98.78%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-93.11%)
Sane Scan PdfSane command-line scan-to-pdf script on Linux with OCR and deskew support
Stars: ✭ 58 (-98.31%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-98.31%)
Can I Take Over Xyz"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Stars: ✭ 2,808 (-18.35%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (-88.31%)