CamHellIngenic T10 IP camera crawler
Stars: ✭ 53 (-49.04%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+285.58%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+497.12%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (+25%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (+162.5%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (+13.46%)
HaBoNetshodan
Stars: ✭ 19 (-81.73%)
PhantomShodanShodan.io connector for Phantom Cyber Security Orchestration
Stars: ✭ 19 (-81.73%)
jshodanPowerful Shodan API client using RxJava and Retrofit
Stars: ✭ 56 (-46.15%)
wafbypasserNo description or website provided.
Stars: ✭ 73 (-29.81%)
woodpeckerCustom security distro for remote penetration testing
Stars: ✭ 45 (-56.73%)
Spray365Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
Stars: ✭ 233 (+124.04%)
hack-scriptsscripts to setup pentesting system and use during pentest
Stars: ✭ 16 (-84.62%)
mmhdanCalculate fingerprints of a website for OSINT search
Stars: ✭ 35 (-66.35%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (+168.27%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-64.42%)
ShoScanShodan Port Scanner
Stars: ✭ 38 (-63.46%)
fofa-javaA Java version of the SDK, based on the FOFA Pro API, makes it easy for Java developers to quickly integrate FOFA Pro into their projects.
Stars: ✭ 22 (-78.85%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+498.08%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (+2.88%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-70.19%)
nclnuclei framework scripts
Stars: ✭ 25 (-75.96%)
sylas根据多个不同地区进行聚合查询以获取更多 fofa 数据
Stars: ✭ 25 (-75.96%)
skweezFast website scraper and wordlist generator
Stars: ✭ 49 (-52.88%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (+15.38%)
RPCScanTool to communicate with RPC services and check misconfigurations on NFS shares
Stars: ✭ 53 (-49.04%)
k8badusbBadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit
Stars: ✭ 32 (-69.23%)
Vendor-Threat-Triage-LookupLookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
Stars: ✭ 17 (-83.65%)
ComPPCompany Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.
Stars: ✭ 44 (-57.69%)
FShellMy python3 implementation of a Forward Shell
Stars: ✭ 24 (-76.92%)
usefuluseful pentest note
Stars: ✭ 59 (-43.27%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-67.31%)
fofaxfofax is a command line query tool based on the API of https://fofa.info/, simple is the best!
Stars: ✭ 479 (+360.58%)
fofa viewer一个简单实用的FOFA客户端 By flashine
Stars: ✭ 815 (+683.65%)
ShodanCPPShodanCPP is a С++ library for accessing the Shodan API.
Stars: ✭ 18 (-82.69%)
dwnd(ockerp)wn - a docker pwn tool manager
Stars: ✭ 154 (+48.08%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-77.88%)
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (-16.35%)
huntkitDocker - Ubuntu with a bunch of PenTesting tools and wordlists
Stars: ✭ 51 (-50.96%)
PhirauteeA proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.
Stars: ✭ 96 (-7.69%)
LauschgeraetGets in the way of your victim's traffic and out of yours
Stars: ✭ 25 (-75.96%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-63.46%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-35.58%)
Industrial-Security-Auditing-FrameworkISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (-58.65%)
Pentest-Service-EnumerationSuggests programs to run against services found during the enumeration phase of a Pentest
Stars: ✭ 80 (-23.08%)
SpydanA web spider for shodan.io without using the Developer API.
Stars: ✭ 30 (-71.15%)
AzureAD Autologon BruteBrute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Stars: ✭ 90 (-13.46%)
ConstoleScan for and exploit Consul agents
Stars: ✭ 37 (-64.42%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+3472.12%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+175.96%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+16.35%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-68.27%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (+273.08%)
VNCPwnVNC pentest tool with bruteforce and ducky script execution features
Stars: ✭ 21 (-79.81%)