PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-16.49%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-25.77%)
heaptracehelps visualize heap operations for pwn and debugging
Stars: ✭ 252 (+159.79%)
CredsleakerCredsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
Stars: ✭ 247 (+154.64%)
Owasp SeraphimdroidOWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
Stars: ✭ 62 (-36.08%)
bctf2017bctf2017 challenges
Stars: ✭ 11 (-88.66%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (+62.89%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-58.76%)
KeydecoderKeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.
Stars: ✭ 236 (+143.3%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1071.13%)
BreachdetectorDetect root, emulation, debug mode and other security concerns in your Xamarin apps
Stars: ✭ 57 (-41.24%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-36.08%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-40.21%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1006.19%)
FSEC-VMBackend logic implementation for Vulnerability Management System
Stars: ✭ 19 (-80.41%)
YetiYour Everyday Threat Intelligence
Stars: ✭ 1,037 (+969.07%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (+912.37%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-52.58%)
raiderOWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
Stars: ✭ 88 (-9.28%)
MalcomMalcom - Malware Communications Analyzer
Stars: ✭ 988 (+918.56%)
writeupsWriteups for vulnerable machines.
Stars: ✭ 110 (+13.4%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-63.92%)
polscanZero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (-41.24%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+559.79%)
MettaAn information security preparedness tool to do adversarial simulation.
Stars: ✭ 867 (+793.81%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+856.7%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+6378.35%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-83.51%)
penelopePenelope Shell Handler
Stars: ✭ 291 (+200%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+698.97%)
PyIrisPyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (+205.15%)
BashfuscatorA fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+611.34%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (+119.59%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+2043.3%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+2760.82%)
FameFAME Automates Malware Evaluation
Stars: ✭ 663 (+583.51%)
AutosqliAn automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
Stars: ✭ 222 (+128.87%)
ghidra2dwarf🐉 Export ghidra decompiled code to dwarf sections inside ELF binary
Stars: ✭ 135 (+39.18%)
crAPIcompletely ridiculous API (crAPI)
Stars: ✭ 549 (+465.98%)
Sec Admin分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Stars: ✭ 222 (+128.87%)
DvnaDamn Vulnerable NodeJS Application
Stars: ✭ 463 (+377.32%)
RoninRonin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.
Stars: ✭ 220 (+126.8%)
SSI Extra MaterialsIn my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (-56.7%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (+122.68%)
Can I Take Over Xyz"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Stars: ✭ 2,808 (+2794.85%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-78.35%)
react-obfuscateAn intelligent React component to obfuscate any contact link!
Stars: ✭ 87 (-10.31%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-70.1%)