Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1212.14%)
FawkesFawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.
Stars: ✭ 108 (-22.86%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+740.71%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+3910.71%)
RaasnetOpen-Source Ransomware As A Service for Linux, MacOS and Windows
Stars: ✭ 371 (+165%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-12.86%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+3627.14%)
PytosA Python SDK for Tufin Orchestration Suite
Stars: ✭ 49 (-65%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+162.86%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+874.29%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+637.14%)
RidrelayEnumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Stars: ✭ 359 (+156.43%)
SilentbridgeSilentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
Stars: ✭ 136 (-2.86%)
W3afw3af: web application attack and audit framework, the open source web vulnerability scanner.
Stars: ✭ 3,804 (+2617.14%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-68.57%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+153.57%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-30.71%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+146.43%)
Local File Disclosure Sql Injection LabThis is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)
Stars: ✭ 41 (-70.71%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+147.14%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-13.57%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-72.86%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+144.29%)
CloudsploitCloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (+855.71%)
TlsfuzzerSSL and TLS protocol test suite and fuzzer
Stars: ✭ 335 (+139.29%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (+602.14%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-6.43%)
DnsliveryEasy files and payloads delivery over DNS
Stars: ✭ 332 (+137.14%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+5935%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (+131.43%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-31.43%)
P0wny ShellSingle-file PHP shell
Stars: ✭ 949 (+577.86%)
Webapp ChecklistTechnical details that a programmer of a web application should consider before making the site public.
Stars: ✭ 320 (+128.57%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+1102.86%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+126.43%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-80.71%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+92.14%)
Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-32.14%)
WebanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (+122.14%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+530.71%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-4.29%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+3157.86%)
FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+2766.43%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (-33.57%)
Leviathanwide range mass audit toolkit
Stars: ✭ 862 (+515.71%)
WirespyFramework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Stars: ✭ 293 (+109.29%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-48.57%)
Npq🎖safely* install packages with npm or yarn by auditing them as part of your install process
Stars: ✭ 513 (+266.43%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+269.29%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-22.86%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+738.57%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+266.43%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-49.29%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+263.57%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+260%)