haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-61.94%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+138.99%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+198.54%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-40.32%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-37.14%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-32.49%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+324.14%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-57.56%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+364.59%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-33.69%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-87.14%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-34.75%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+2.79%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-71.88%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+19.89%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+78.25%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+50.66%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-92.97%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+64.32%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+42.31%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-84.75%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-86.07%)
GraphqlmapGraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
Stars: ✭ 434 (-42.44%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+731.56%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-3.85%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (-22.28%)
old vespeneDISCONTINUED: a frozen fork will exist forever at mpdehaan/vespene
Stars: ✭ 672 (-10.88%)
ZeratoolAutomatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
Stars: ✭ 584 (-22.55%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-22.68%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (-7.29%)
Exploit meVery vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)
Stars: ✭ 665 (-11.8%)
KubesphereThe container platform tailored for Kubernetes multi-cloud, datacenter, and edge management ⎈ 🖥 ☁️
Stars: ✭ 8,315 (+1002.79%)
Yearning🐳 A most popular sql audit platform for mysql
Stars: ✭ 5,963 (+690.85%)
FwknopSingle Packet Authorization > Port Knocking
Stars: ✭ 664 (-11.94%)
CabotSelf-hosted, easily-deployable monitoring and alerts service - like a lightweight PagerDuty
Stars: ✭ 5,209 (+590.85%)
PyrdpRDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Stars: ✭ 567 (-24.8%)
KotlessKotlin Serverless Framework
Stars: ✭ 721 (-4.38%)
Awesome DevopsA curated list of resources for Devops
Stars: ✭ 697 (-7.56%)
EvilurlGenerate unicode evil domains for IDN Homograph Attack and detect them.
Stars: ✭ 654 (-13.26%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-24.93%)
Opsdroid🤖 An open source chat-ops bot framework
Stars: ✭ 563 (-25.33%)
Awesome CtfA curated list of CTF frameworks, libraries, resources and softwares
Stars: ✭ 6,465 (+757.43%)
Ctf weba project aim to collect CTF web practices .
Stars: ✭ 564 (-25.2%)
MemlabsEducational, CTF-styled labs for individuals interested in Memory Forensics
Stars: ✭ 696 (-7.69%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (-25.33%)
Swagger StatsAPI Observability. Trace API calls and Monitor API performance, health and usage statistics in Node.js Microservices.
Stars: ✭ 559 (-25.86%)
CiscoconfparseParse, Audit, Query, Build, and Modify Cisco IOS-style configurations. Python Infrastructure as Code (IaC) for Cisco IOS (and other vendors).
Stars: ✭ 562 (-25.46%)
StackerAn AWS CloudFormation Stack orchestrator/manager.
Stars: ✭ 656 (-13%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-26.26%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (-3.45%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (-5.17%)
GiteaGit with a cup of tea, painless self-hosted git service
Stars: ✭ 27,320 (+3523.34%)
IpbanIPBan Monitors failed logins and bad behavior and bans ip addresses on Windows and Linux. Highly configurable, lean and powerful. Learn more at -->
Stars: ✭ 652 (-13.53%)
TerratestTerratest is a Go library that makes it easier to write automated tests for your infrastructure code.
Stars: ✭ 5,797 (+668.83%)
GuideKubernetes clusters for the hobbyist.
Stars: ✭ 5,150 (+583.02%)
Scaleway CliCommand Line Interface for Scaleway
Stars: ✭ 654 (-13.26%)