AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-10%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+1565.71%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-5.71%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-25%)
SubrakeA Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
Stars: ✭ 125 (-10.71%)
Ransom0Ransom0 is a open source ransomware made with Python, designed to find and encrypt user data.
Stars: ✭ 105 (-25%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-26.43%)
Smtptestersmall python3 tool to check common vulnerabilities in SMTP servers
Stars: ✭ 102 (-27.14%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+1187.14%)
Burp ParamalyzerParamalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
Stars: ✭ 102 (-27.14%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-12.86%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+874.29%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-2.86%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-30.71%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-13.57%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-6.43%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-31.43%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+1102.86%)
Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-32.14%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-4.29%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (-33.57%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+830.71%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1507.86%)
KatzkatzPython3 script to parse txt files containing Mimikatz output
Stars: ✭ 91 (-35%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (-17.14%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+990%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-37.86%)
Secure Ios App DevCollection of the most common vulnerabilities found in iOS applications
Stars: ✭ 1,288 (+820%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-17.14%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (-37.86%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-8.57%)
Watf BankWaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
Stars: ✭ 87 (-37.86%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (-18.57%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-37.86%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-37.86%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-4.29%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+1130%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-18.57%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+805.71%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-18.57%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-39.29%)
Rails Security Checklist🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Stars: ✭ 1,265 (+803.57%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-18.57%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-40%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+792.14%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1123.57%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+785%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-41.43%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-5.71%)
DnstrickerA simple dns resolver of dns-record and web-record log server for pentesting
Stars: ✭ 128 (-8.57%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+1297.14%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-41.43%)
Web exploit detectorThe Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
Stars: ✭ 81 (-42.14%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-19.29%)