OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+1183.87%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+235.48%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-43.55%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+4645.16%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (+338.71%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+6146.77%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+4950%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (+370.97%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+429.03%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+1396.77%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+129.03%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+5700%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+938.71%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (+482.26%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+496.77%)
PyupA tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
Stars: ✭ 379 (+511.29%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+1546.77%)
KatanaA Python Tool For google Hacking
Stars: ✭ 355 (+472.58%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+514.52%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+1548.39%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+524.19%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+520.97%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+527.42%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (+538.71%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+525.81%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+550%)
Fwanalyzera tool to analyze filesystem images for security
Stars: ✭ 382 (+516.13%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+566.13%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+1640.32%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-56.45%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (+575.81%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+575.81%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+582.26%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+580.65%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-16.13%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+583.87%)
BroxyAn HTTP/HTTPS intercept proxy written in Go.
Stars: ✭ 912 (+1370.97%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+582.26%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+596.77%)
Kill RouterFerramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.
Stars: ✭ 57 (-8.06%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+625.81%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-32.26%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+9072.58%)
NetcatNetCat for Windows
Stars: ✭ 463 (+646.77%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+651.61%)
GobyAttack surface mapping
Stars: ✭ 446 (+619.35%)
DronesploitDrone pentesting framework console
Stars: ✭ 473 (+662.9%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+472.58%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+601.61%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+1527.42%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+1324.19%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+704.84%)