NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+750.21%)
Wahh extrasThe Web Application Hacker's Handbook - Extra Content
Stars: ✭ 428 (-38.77%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-82.26%)
TelekillerA Tools Session Hijacking And Stealer Local Passcode Telegram Windows
Stars: ✭ 122 (-82.55%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+175.82%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+783.4%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (-40.06%)
GoaltdnsA permutation generation tool written in golang
Stars: ✭ 119 (-82.98%)
PwndocPentest Report Generator
Stars: ✭ 417 (-40.34%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-79.11%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (-3%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-33.76%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-76.82%)
Zeebsploitweb scanner - exploitation - information gathering
Stars: ✭ 159 (-77.25%)
phomberPhomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: ✭ 59 (-91.56%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+320.89%)
CloudscraperCloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Stars: ✭ 276 (-60.52%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-75.54%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-73.82%)
TechnowloggerTechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
Stars: ✭ 172 (-75.39%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-42.35%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-73.1%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-76.25%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-70.82%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (-71.1%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-71.53%)
BugbountyscannerA Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
Stars: ✭ 229 (-67.24%)
RubyfuRubyfu, where Ruby goes evil!
Stars: ✭ 228 (-67.38%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (-3.15%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-79.97%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-43.92%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (-60.94%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (-79.97%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-57.94%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-35.62%)
PywerviewA (partial) Python rewriting of PowerSploit's PowerView
Stars: ✭ 292 (-58.23%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+403.72%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-27.9%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (-62.8%)
filter-var-sqliBypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
Stars: ✭ 29 (-95.85%)
clairvoyanceObtain GraphQL API Schema even if the introspection is not enabled
Stars: ✭ 448 (-35.91%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-96.71%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (-63.95%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+495.42%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-97.57%)
lazyGrandmaa shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves
Stars: ✭ 49 (-92.99%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-93.56%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (-56.51%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (-21.17%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (-59.66%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-53.93%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+440.63%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+3987.12%)