Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-17.8%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+660.17%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+612.71%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1551.69%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+154.24%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (+2.54%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (+100.85%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1807.63%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (+83.05%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (+30.51%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (+43.22%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+5732.2%)
DjangohunterTool designed to help identify incorrectly configured Django applications that are exposing sensitive information.
Stars: ✭ 212 (+79.66%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+2366.95%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-11.02%)
LockphishLockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.
Stars: ✭ 186 (+57.63%)
CalderaAutomated Adversary Emulation Platform
Stars: ✭ 3,126 (+2549.15%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-48.31%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+2237.29%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+427.12%)
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (-26.27%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-26.27%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+143.22%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (+983.9%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (+129.66%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (+131.36%)
KeyloggerGet Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
Stars: ✭ 604 (+411.86%)
BillcipherInformation Gathering tool for a Website or IP address
Stars: ✭ 332 (+181.36%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+177.97%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+3436.44%)
Reverse Engineering TutorialA FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 5,763 (+4783.9%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-14.41%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+239.83%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+255.08%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+294.92%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+27788.98%)
Burp Bounty ProfilesBurp Bounty profiles compilation, feel free to contribute!
Stars: ✭ 76 (-35.59%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+487.29%)
Pythempentest framework
Stars: ✭ 1,060 (+798.31%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+862.71%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-1.69%)
The Book Of Secret KnowledgeA collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Stars: ✭ 55,582 (+47003.39%)
ToolsSecurity and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Stars: ✭ 1,343 (+1038.14%)
OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+1184.75%)
Python RansomwarePython Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles
Stars: ✭ 96 (-18.64%)
Github DorksFind leaked secrets via github search
Stars: ✭ 1,332 (+1028.81%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-1.69%)
TweetshellMulti-thread Twitter BruteForcer in Shell Script
Stars: ✭ 112 (-5.08%)
FeroxbusterA fast, simple, recursive content discovery tool written in Rust.
Stars: ✭ 1,314 (+1013.56%)
RobustpentestmacroThis is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.
Stars: ✭ 95 (-19.49%)
Hg8045qPwning the Nuro issued Huawei HG8045Q
Stars: ✭ 107 (-9.32%)