JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+341.18%)
CitadelCollection of pentesting scripts
Stars: ✭ 333 (+226.47%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+213.73%)
PentestingazureappsScript samples from the book Pentesting Azure Applications (2018, No Starch Press)
Stars: ✭ 69 (-32.35%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+406.86%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+215.69%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+4700.98%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+563.73%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-17.65%)
Opaquemail.NET email library and proxy supporting IMAP, POP3, and SMTP with S/MIME and PGP.
Stars: ✭ 91 (-10.78%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-19.61%)
TcpbinVery crude and poorly written HTTP(s) and SMTP bin
Stars: ✭ 85 (-16.67%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-11.76%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+1124.51%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+1103.92%)
EggshelliOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+1160.78%)
Decoder Plus PlusAn extensible application for penetration testers and software developers to decode/encode data into various formats.
Stars: ✭ 79 (-22.55%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-23.53%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-0.98%)
Put2winScript to automate PUT HTTP method exploitation to get shell
Stars: ✭ 96 (-5.88%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-12.75%)
MailcoreEmailing wrapper for Vapor 3 apps
Stars: ✭ 77 (-24.51%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+1070.59%)
NetdumbsternetDumbster is a .Net Fake SMTP Server clone of the popular Dumbster
Stars: ✭ 88 (-13.73%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-30.39%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-16.67%)
MailwayMailway installer, host your own Mailway instance
Stars: ✭ 94 (-7.84%)
GopherusThis tool generates gopher link for exploiting SSRF and gaining RCE in various servers
Stars: ✭ 1,258 (+1133.33%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-4.9%)
Tkframeworkreact + relay + redux + saga + graphql + webpack
Stars: ✭ 83 (-18.63%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+1177.45%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+1114.71%)
Fastsitephp🌟 FastSitePHP 🌟 A Modern Open Source Framework for building High Performance Websites and API’s with PHP
Stars: ✭ 102 (+0%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-20.59%)
KatzkatzPython3 script to parse txt files containing Mimikatz output
Stars: ✭ 91 (-10.78%)
DeathstarUses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Stars: ✭ 1,221 (+1097.06%)
React TransmitRelay-inspired library based on Promises instead of GraphQL.
Stars: ✭ 1,335 (+1208.82%)
Esp32 Mail ClientThe complete and secured Mail Client for ESP32, sending and reading the E-mail through the SMTP and IMAP servers.
Stars: ✭ 79 (-22.55%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-12.75%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-23.53%)
Ansible PostfixAnsible role to set up postfix in Debian-like systems
Stars: ✭ 102 (+0%)
RsfThe Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-25.49%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-12.75%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+1050.98%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-5.88%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+1155.88%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-31.37%)
FridpaAn automated wrapper script for patching iOS applications (IPA files) and work on non-jailbroken device
Stars: ✭ 69 (-32.35%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+1237.25%)
Graphql Relay JsA library to help construct a graphql-js server supporting react-relay.
Stars: ✭ 1,331 (+1204.9%)
Watf BankWaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
Stars: ✭ 87 (-14.71%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-33.33%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-33.33%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-14.71%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-35.29%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1013.73%)
Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-6.86%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-14.71%)