StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+3737.1%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+712.9%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+8956.45%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+1945.16%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+211.29%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (+203.23%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (+880.65%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+940.32%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (+225.81%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (+229.03%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+925.81%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (+170.97%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (+304.84%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+11000%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+993.55%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (+206.45%)
Mad MetasploitMetasploit custom modules, plugins, resource script and.. awesome metasploit collection
Stars: ✭ 200 (+222.58%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+235.48%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+991.94%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+938.71%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+869.35%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+245.16%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+129.03%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (+151.61%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+4645.16%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+10030.65%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-43.55%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-30.65%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (+338.71%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+4950%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+1167.74%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+5700%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+1183.87%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (+370.97%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+429.03%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+469.35%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+1074.19%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+509.68%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+553.23%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+1396.77%)
PwndocPentest Report Generator
Stars: ✭ 417 (+572.58%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+8316.13%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (+553.23%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+570.97%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+566.13%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+583.87%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (+109.68%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (+137.1%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (+104.84%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (+491.94%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+7798.39%)