Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+233.61%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-50.21%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+226.14%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-17.43%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+221.58%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+708.71%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+217.01%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+212.86%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-51.87%)
Pguriuri type for PostgreSQL
Stars: ✭ 235 (-2.49%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+200.83%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-52.28%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (+196.68%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-30.71%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-51.87%)
Better Link Movement MethodAttempts to improve how clickable links are detected, highlighted and handled in TextView
Stars: ✭ 684 (+183.82%)
Vscode Remote WorkspaceMulti protocol support for handling remote files like local ones in Visual Studio Code.
Stars: ✭ 197 (-18.26%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (-52.7%)
AngoraAngora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
Stars: ✭ 669 (+177.59%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-52.7%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+163.9%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (-9.13%)
UrlembeddedviewURLEmbeddedView automatically caches the object that is confirmed the Open Graph Protocol.
Stars: ✭ 633 (+162.66%)
FinickyA macOS app for customizing which browser to start
Stars: ✭ 2,026 (+740.66%)
Laravel Url SignerCreate and validate signed URLs with a limited lifetime
Stars: ✭ 611 (+153.53%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-31.95%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+151.45%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+711.62%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (+149.38%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-23.65%)
EchidnaEthereum smart contract fuzzer
Stars: ✭ 571 (+136.93%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-53.53%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+131.95%)
ZerodoorA script written lazily for generating cross-platform backdoors on the go :)
Stars: ✭ 163 (-32.37%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+128.63%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+536.93%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+124.48%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+1051.45%)
Jsfuzzcoverage guided fuzz testing for javascript
Stars: ✭ 532 (+120.75%)
Fisy FuzzThis is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (-54.36%)
FuzzapiFuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Stars: ✭ 521 (+116.18%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-32.78%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+114.52%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-55.19%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-19.92%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+371.37%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+605.39%)
Attack Surface Detector BurpThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 63 (-73.86%)
NeedleThe iOS Security Testing Framework
Stars: ✭ 1,122 (+365.56%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-56.43%)
Go Http TunnelFast and secure tunnels over HTTP/2
Stars: ✭ 2,786 (+1056.02%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-1.24%)
GrrHigh-throughput fuzzer and emulator of DECREE binaries
Stars: ✭ 229 (-4.98%)
ShellabLinux and Windows shellcode enrichment utility
Stars: ✭ 225 (-6.64%)
O365reconretrieve information via O365 with a valid cred
Stars: ✭ 204 (-15.35%)