NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+551.35%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+516.22%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+161.82%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+159.12%)
OpenVAS-DockerA Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-94.59%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+71.96%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+39.53%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (+6.08%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-60.14%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+1788.51%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+1083.45%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-6.08%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-69.93%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+23.65%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-38.51%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (+21.62%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+262.5%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+16.89%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+83.78%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (+44.59%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+43.24%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+117.91%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+203.04%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-82.43%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+264.53%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-54.73%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-41.55%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-36.82%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+883.45%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+681.08%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-35.47%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1061.82%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-13.85%)
CheckiptoolsCheckIPTools 扫描谷歌IP以及实用IP转换小工具
Stars: ✭ 253 (-14.53%)
pascal-interpreterA simple interpreter for a large subset of Pascal language written for educational purposes
Stars: ✭ 21 (-92.91%)
EastExploits and Security Tools Framework 2.0.1
Stars: ✭ 283 (-4.39%)
SpyGenTrojan 🐍 (keylogger, take screenshots, open your webcam) 🔓
Stars: ✭ 115 (-61.15%)
SoteriaPlugin to block compilation when unapproved dependencies are used or code styling does not comply.
Stars: ✭ 36 (-87.84%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (-8.45%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+188.51%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (-3.04%)
LegionAutomatic Enumeration Tool based in Open Source tools
Stars: ✭ 280 (-5.41%)
Localradio📻 LocalRadio is "Radio for Cord-Cutters" – a Software-Defined Radio (SDR) app for your Mac and mobile devices. With an inexpensive RTL-SDR USB device, LocalRadio provides a casual, home-based radio listening experience for your favorite local frequencies - FM broadcasts/free music/news/sports/weather/public safety & aviation scanner/etc.
Stars: ✭ 269 (-9.12%)
box-appServerThe Staff-Manager App Server for Enterprise Token Safe BOX
Stars: ✭ 22 (-92.57%)
YobiYara Based Detection Engine for web browsers
Stars: ✭ 39 (-86.82%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+893.92%)
backscannerA scanner similar to bufio.Scanner, but it reads and returns lines in reverse order, starting at a given position and going backward.
Stars: ✭ 34 (-88.51%)
InfosecHouseInfosec resource center for offensive and defensive security operations.
Stars: ✭ 61 (-79.39%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+957.77%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (-9.8%)
mondoo🕵️♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management
Stars: ✭ 60 (-79.73%)
omrmarkengineThis project is designed to allow easy creation of OMR (Optical Mark Recognition) templates and provides a bulk scanner which can be used for processing large amounts of images from a tray fed scanner.
Stars: ✭ 49 (-83.45%)
MqueryYARA malware query accelerator (web frontend)
Stars: ✭ 264 (-10.81%)
Log4j-RCE-ScannerRemote command execution vulnerability scanner for Log4j.
Stars: ✭ 200 (-32.43%)
SwiftscanA barcode and qr code scanner( 二维码/条形码扫描、生成,仿微信、支付宝)
Stars: ✭ 293 (-1.01%)
TIGERimplement a full compiler based on c++ 11
Stars: ✭ 17 (-94.26%)
CloudfruntA tool for identifying misconfigured CloudFront domains
Stars: ✭ 281 (-5.07%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+955.41%)