centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+408.06%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-56.45%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-25.81%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-74.19%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+520.97%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (+20.97%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+290.32%)
Fwanalyzera tool to analyze filesystem images for security
Stars: ✭ 382 (+516.13%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+524.19%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+527.42%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-58.06%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+1527.42%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (+172.58%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-77.42%)
SimpleKeyloggerSimple Keylogger with smtp to send emails on your account using python works on linux and Windows
Stars: ✭ 32 (-48.39%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-62.9%)
InfosecHouseInfosec resource center for offensive and defensive security operations.
Stars: ✭ 61 (-1.61%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-38.71%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (+38.71%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+230.65%)
ScriptsScripts I use during pentest engagements.
Stars: ✭ 834 (+1245.16%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+312.9%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (+311.29%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (+319.35%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+525.81%)
CheckmyhttpsWe propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
Stars: ✭ 35 (-43.55%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (+332.26%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+514.52%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (+538.71%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+550%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+14603.23%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (+348.39%)
TorbotDark Web OSINT Tool
Stars: ✭ 821 (+1224.19%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+1470.97%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+1282.26%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+350%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+5501.61%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+566.13%)
Cs SuiteCloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (+1214.52%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+1212.9%)
DvwaDamn Vulnerable Web Application (DVWA)
Stars: ✭ 5,727 (+9137.1%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+812.9%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+5995.16%)
PyupA tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
Stars: ✭ 379 (+511.29%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+1193.55%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (+575.81%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+1196.77%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+809.68%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (+364.52%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+583.87%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+12403.23%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+582.26%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-25.81%)