Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-56.89%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-19.11%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+2320%)
Put2winScript to automate PUT HTTP method exploitation to get shell
Stars: ✭ 96 (-57.33%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-88.89%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+766.22%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+301.78%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+118.67%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (-4%)
MbeCourse materials for Modern Binary Exploitation by RPISEC
Stars: ✭ 4,674 (+1977.33%)
BughunterTools for Bug Hunting
Stars: ✭ 95 (-57.78%)
GobusterDirectory/File, DNS and VHost busting tool written in Go
Stars: ✭ 5,356 (+2280.44%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-36%)
NetcatNetCat for Windows
Stars: ✭ 463 (+105.78%)
BadpodsA collection of manifests that will create pods with elevated privileges.
Stars: ✭ 93 (-58.67%)
JwtcatA CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Stars: ✭ 181 (-19.56%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+298.67%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+100.44%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-28%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-48.44%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+294.67%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-37.78%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+2427.56%)
EggshelliOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+471.56%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-60.44%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+91.56%)
Arm exploitationExploitation on ARM-based Systems (Troopers18)
Stars: ✭ 139 (-38.22%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (+88.44%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-60.44%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+87.56%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-21.33%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+84.89%)
On PwningMy solutions to some CTF challenges and a list of interesting resources about pwning stuff
Stars: ✭ 87 (-61.33%)
BotbA container analysis and exploitation tool for pentesters and engineers.
Stars: ✭ 414 (+84%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-39.56%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (+80%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-61.33%)
DecryptteamviewerEnumerate and decrypt TeamViewer credentials from Windows registry
Stars: ✭ 205 (-8.89%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+72.44%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+73.78%)
BlazefoxBlazefox exploits for Windows 10 RS5 64-bit.
Stars: ✭ 134 (-40.44%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-62.22%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+271.11%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-48.89%)
HashtopolisA Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (+271.11%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+270.22%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-62.67%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-3.11%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (-2.67%)
Doxboxweb-based OSINT and reconaissance toolkit
Stars: ✭ 202 (-10.22%)
Vulnerable KextA WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
Stars: ✭ 188 (-16.44%)