magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (-6.09%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+91.36%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-68.17%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+591.75%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (-32.22%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (-23.77%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-86.25%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-75.83%)
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (-89.39%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (-63.26%)
axionA toolkit for CTFs
Stars: ✭ 15 (-97.05%)
CryptionTool一个CTF+渗透测试工具框架,集成常见加解密,密码、编码转换,端口扫描,字符处理等功能
Stars: ✭ 62 (-87.82%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+629.86%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (-81.73%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-91.55%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+660.9%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-94.7%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-78.98%)
ctf4noobsResumão da massa sobre Capture the Flag.
Stars: ✭ 18 (-96.46%)
ImageStrikeImageStrike是一款用于CTF中图片隐写的综合利用工具
Stars: ✭ 118 (-76.82%)
TomatoToolsTomatoTools 一款CTF杂项利器,支持36种常见编码和密码算法的加密和解密,31种密文的分析和识别,支持自动提取flag,自定义插件等。
Stars: ✭ 66 (-87.03%)
BerylEnigma一个为渗透测试与CTF而制作的工具集,主要实现一些加解密的功能。
Stars: ✭ 329 (-35.36%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (-24.36%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-86.84%)
Auto-AWD🚩 CTF AWD framework
Stars: ✭ 24 (-95.28%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (-88.61%)
bentoBento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.
Stars: ✭ 74 (-85.46%)
gwdomainssub domain wild card filtering tool
Stars: ✭ 38 (-92.53%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (-85.07%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-97.25%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-90.77%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-94.89%)
GobyAttack surface mapping
Stars: ✭ 446 (-12.38%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-14.54%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-83.3%)
pwnscriptsVery simple script(s) to hasten binary exploit creation
Stars: ✭ 66 (-87.03%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (-25.15%)
pyc2bytecodeA Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (-86.25%)
webcocktailAn automatic and lightweight web application scanning tool for CTF.
Stars: ✭ 28 (-94.5%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-83.5%)
ctf-writeupsWriteups of CTF challenges
Stars: ✭ 19 (-96.27%)
GosecGolang security checker
Stars: ✭ 5,694 (+1018.66%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-92.53%)
blackhat-pythonBlack Hat Python workshop for Disobey 2019
Stars: ✭ 27 (-94.7%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-15.13%)
SimpleKeyloggerSimple Keylogger with smtp to send emails on your account using python works on linux and Windows
Stars: ✭ 32 (-93.71%)
jsleaka Go code to detect leaks in JS files via regex patterns
Stars: ✭ 111 (-78.19%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (-43.61%)
SecurityExplainedSecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
Stars: ✭ 301 (-40.86%)
challengesSecurity challenges and CTFs created by the Penultimate team.
Stars: ✭ 13 (-97.45%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (-52.46%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-95.28%)
Crypto封装多种CTF和平时常见加密及编码C#类库
Stars: ✭ 20 (-96.07%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-97.45%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-1.96%)
CTF-GameCapture the flag Game
Stars: ✭ 14 (-97.25%)