1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+319.3%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-93.12%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (-54.74%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+39.84%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (-72.23%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+676.75%)
Slack WatchmanMonitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-82.05%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-88.83%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+596.95%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-96.73%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-96.05%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-87.81%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-73.25%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-54.51%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-83.97%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-67.61%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-85.67%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-42.55%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+43%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-93.23%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-97.18%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-96.16%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-87.92%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (-12.42%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (-16.25%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+119.98%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-76.07%)
Osint SanFramework для сбора данных из открытых источников. В Framework используется большое количество API, их необходимо зарегистрировать самому.
Stars: ✭ 99 (-88.83%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-95.71%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (-29.91%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+288.15%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (-50.11%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-95.15%)
Mr.Holmes🔍 A Complete Osint Tool
Stars: ✭ 307 (-65.35%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-91.08%)
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-97.52%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-71.11%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-57.34%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (-56.32%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+369.75%)
Osi.igInformation Gathering Instagram.
Stars: ✭ 377 (-57.45%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+1.24%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+370.99%)
Z1pZip Codes Validation and Parse.
Stars: ✭ 17 (-98.08%)
PhoneinfogaPhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (+568.96%)
PwndocPentest Report Generator
Stars: ✭ 417 (-52.93%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-51.24%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-51.81%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-98.19%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-51.35%)
GraphqlmapGraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
Stars: ✭ 434 (-51.02%)
PlumhoundBloodhound for Blue and Purple Teams
Stars: ✭ 452 (-48.98%)
Repo SupervisorScan your code for security misconfiguration, search for passwords and secrets. 🔍
Stars: ✭ 482 (-45.6%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-43.57%)