CoogleA shot-for-shot remake of the Google Login Page.
Stars: ✭ 34 (-87.17%)
NTPDoserNTP Doser is a NTP Amplification DoS/DDoS attack tool for penttesting
Stars: ✭ 96 (-63.77%)
frisbeeCollect email addresses by crawling search engine results.
Stars: ✭ 29 (-89.06%)
Black WidowGUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124 (-53.21%)
c2A simple, extensible C&C beaconing system.
Stars: ✭ 93 (-64.91%)
brutekragPenetration tests on SSH servers using brute force or dictionary attacks. Written in Python.
Stars: ✭ 30 (-88.68%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+493.21%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-3.4%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-90.57%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-89.81%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+7.55%)
peniotPENIOT: Penetration Testing Tool for IoT
Stars: ✭ 164 (-38.11%)
teatimeAn RPC attack framework for Blockchain nodes.
Stars: ✭ 88 (-66.79%)
rustcatRustcat(rcat) - The modern Port listener and Reverse shell
Stars: ✭ 505 (+90.57%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-36.98%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-60.38%)
doubletapA very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...
Stars: ✭ 23 (-91.32%)
WPA2-FritzBox-Pswd-Wordlist-GeneratorThis Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.
Stars: ✭ 22 (-91.7%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-88.3%)
organonThis program focuses on automating the download, installation and compilation of pentest tools from source
Stars: ✭ 36 (-86.42%)
DumbDumain Bruteforcer - a fast and flexible domain bruteforcer
Stars: ✭ 54 (-79.62%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-87.55%)
YamsA collection of Ansible roles for automating infosec builds.
Stars: ✭ 98 (-63.02%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-92.08%)
ViPERWeb App Pen Tester (Web Interface)
Stars: ✭ 19 (-92.83%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-66.04%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-95.09%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+134.72%)
webreconAutomated Web Recon Shell Scripts
Stars: ✭ 48 (-81.89%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (-78.11%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-59.62%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+371.32%)
ftpknocker🔑 ftpknocker is a multi-threaded scanner for finding anonymous FTP servers
Stars: ✭ 38 (-85.66%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-69.06%)
vsauditVOIP Security Audit Framework
Stars: ✭ 104 (-60.75%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-70.19%)
nclnuclei framework scripts
Stars: ✭ 25 (-90.57%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+378.11%)
NarthexModular personalized dictionary generator.
Stars: ✭ 156 (-41.13%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-93.58%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (-81.13%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-74.34%)
skweezFast website scraper and wordlist generator
Stars: ✭ 49 (-81.51%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (+46.42%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-76.6%)
Industrial-Security-Auditing-FrameworkISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (-83.77%)
GetPwdIt's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)
Stars: ✭ 46 (-82.64%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-52.08%)
report-ngGenerate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
Stars: ✭ 62 (-76.6%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-67.55%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-91.32%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (-63.77%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (-68.68%)
mobilehacktoolsA repository for scripting a mobile attack toolchain
Stars: ✭ 61 (-76.98%)
xecaPowerShell payload generator
Stars: ✭ 103 (-61.13%)
keyscopeKeyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
Stars: ✭ 369 (+39.25%)