LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-64.29%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+238.57%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-82.14%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-5.71%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-7.14%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+221.43%)
HabuHacking Toolkit
Stars: ✭ 635 (+353.57%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+545.71%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (+89.29%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-80%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-75%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+130%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+187.86%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+23406.43%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+399.29%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+5437.14%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+445.71%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+474.29%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-72.86%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+687.86%)
Eyes.shLet's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-36.43%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-32.86%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-41.43%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+840%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+110%)
PwndocPentest Report Generator
Stars: ✭ 417 (+197.86%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+383.57%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+5075.71%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (+180%)
Msploitego Pentesting suite for Maltego based on data in a Metasploit database
Stars: ✭ 124 (-11.43%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+586.43%)
SkaSimple Karma Attack
Stars: ✭ 55 (-60.71%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+530.71%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-38.57%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+799.29%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+177.86%)
PakuriPenetration test Achieve Knowledge Unite Rapid Interface
Stars: ✭ 125 (-10.71%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+0%)
Black WidowGUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124 (-11.43%)
Mitm Scripts🔄 A collection of mitmproxy inline scripts
Stars: ✭ 109 (-22.14%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-10.71%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-23.57%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+1268.57%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-5%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-26.43%)
DnsmorphDomain name permutation engine written in Go
Stars: ✭ 148 (+5.71%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1277.14%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+4.29%)
TigersharkBilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.
Stars: ✭ 212 (+51.43%)
DarksideTool Information Gathering & social engineering Write By [Python,JS,PHP]
Stars: ✭ 159 (+13.57%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+52.86%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+72.14%)