Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+448.28%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+502.59%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+483.62%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+198.28%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+525%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+456.03%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+117.24%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+568.1%)
HabuHacking Toolkit
Stars: ✭ 635 (+447.41%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-22.41%)
evildorkEvildork targeting your fiancee👁️
Stars: ✭ 46 (-60.34%)
querytoolQuerytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-10.34%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-85.34%)
phomberPhomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: ✭ 59 (-49.14%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+7758.62%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-9.48%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+673.28%)
Recon RavenReconnaissance tool of Penetration test & Bug Bounty
Stars: ✭ 18 (-84.48%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-61.21%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-62.93%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-69.83%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-81.03%)
ProcspyPython tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
Stars: ✭ 272 (+134.48%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (+133.62%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (+139.66%)
CtftoolsPersonal CTF Toolkit
Stars: ✭ 312 (+168.97%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+601.72%)
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Stars: ✭ 109 (-6.03%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (+134.48%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (+158.62%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+731.03%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+3522.41%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (+177.59%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+182.76%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+209.48%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+4398.28%)
KatanaA Python Tool For google Hacking
Stars: ✭ 355 (+206.03%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+3487.93%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (+241.38%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+237.07%)
Github ReconGitHub Recon — and what you can achieve with it!
Stars: ✭ 47 (-59.48%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+235.34%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+245.69%)
Ip TracerTrack any ip address with IP-Tracer. IP-Tracer is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracer.
Stars: ✭ 399 (+243.97%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-12.93%)
IP-TrackerTrack any ip address with IP-Tracker. IP-Tracker is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracker.
Stars: ✭ 53 (-54.31%)
OsintgramOsintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (+168.97%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+249.14%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1453.45%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-12.93%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+288.79%)
NetcatNetCat for Windows
Stars: ✭ 463 (+299.14%)
ReconpiReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
Stars: ✭ 490 (+322.41%)
HackerproAll in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
Stars: ✭ 474 (+308.62%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+334.48%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-37.93%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+366.38%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+28269.83%)