PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+105.78%)
Put2winScript to automate PUT HTTP method exploitation to get shell
Stars: ✭ 96 (-57.33%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (+99.56%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-21.33%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+100%)
Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-57.78%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+96.89%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-36%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+93.33%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-60%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+92%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (-2.67%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+88.44%)
Gr RecipesMain GNU Radio recipe repository for use with PyBOMBS
Stars: ✭ 90 (-60%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+88%)
RfoutletControl 433Mhz Rf power outlets from a Raspberry Pi
Stars: ✭ 140 (-37.78%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+86.22%)
Ot RtosOpenThread RTOS, an integration of OpenThread, LwIP, and FreeRTOS.
Stars: ✭ 90 (-60%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+80%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-60.44%)
Ansible Openwisp2Ansible role that installs and upgrades OpenWISP.
Stars: ✭ 403 (+79.11%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-37.78%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+72.44%)
Ble Security Attack Defence✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
Stars: ✭ 88 (-60.89%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+73.78%)
TrackerjackerLike nmap for mapping wifi networks you're not connected to, plus device tracking
Stars: ✭ 2,307 (+925.33%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+69.33%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (-61.33%)
SqlmapAutomatic SQL injection and database takeover tool
Stars: ✭ 21,907 (+9636.44%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-40%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+68%)
BeacongraphGraph visualization of wireless client and access point relationships
Stars: ✭ 87 (-61.33%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+1749.78%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1562.67%)
NetjsonconfigNetwork configuration management library based on NetJSON DeviceConfiguration
Stars: ✭ 372 (+65.33%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-61.33%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+64.44%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+711.56%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+463.56%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+53.33%)
FirmwareArmbian firmware
Stars: ✭ 85 (-62.22%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (+53.33%)
XorpassEncoder to bypass WAF filters using XOR operations
Stars: ✭ 134 (-40.44%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+52%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+455.11%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+47.11%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+249.33%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-63.56%)
ShellabLinux and Windows shellcode enrichment utility
Stars: ✭ 225 (+0%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-3.11%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-4%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-9.33%)
SocialfishPhishing Tool & Information Collector
Stars: ✭ 2,522 (+1020.89%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-30.22%)