HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (-5.65%)
SyswallWork in progress firewall for Linux syscalls, written in Rust
Stars: ✭ 110 (-11.29%)
Gf SecretsSecret and/ credential patterns used for gf.
Stars: ✭ 96 (-22.58%)
W13scanPassive Security Scanner (被动式安全扫描器)
Stars: ✭ 1,066 (+759.68%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (+380.65%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-57.26%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+4408.06%)
SkyarkSkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Stars: ✭ 526 (+324.19%)
Pcwt Stars: ✭ 46 (-62.9%)
Npq🎖safely* install packages with npm or yarn by auditing them as part of your install process
Stars: ✭ 513 (+313.71%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (-25%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+303.23%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+4393.55%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+296.77%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+723.39%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+291.94%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-27.42%)
GobyAttack surface mapping
Stars: ✭ 446 (+259.68%)
PystatAdvanced Netstat Using Python For Windows
Stars: ✭ 44 (-64.52%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+3849.19%)
SojoboA binary analysis framework
Stars: ✭ 116 (-6.45%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-66.13%)
SalusSecurity scanner coordinator
Stars: ✭ 441 (+255.65%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-26.61%)
SpoofcheckSimple script that checks a domain for email protections
Stars: ✭ 437 (+252.42%)
Cookie crimesRead local Chrome cookies without root or decrypting
Stars: ✭ 434 (+250%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (-12.9%)
ToxicAn ncurses-based Tox client (please make pull requests on the development fork: https://github.com/toktok/toxic)
Stars: ✭ 987 (+695.97%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-58.06%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+370.16%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+241.94%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-28.23%)
ChroniclePublic append-only ledger microservice built with Slim Framework
Stars: ✭ 429 (+245.97%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (+692.74%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+241.94%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120 (-3.23%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (+241.13%)
Exein Openwrt PublicOpenwrt 18.06.5 featured with the Exein's security framework
Stars: ✭ 36 (-70.97%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+235.48%)
CspGiven a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
Stars: ✭ 89 (-28.23%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+233.87%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+226.61%)
JwtA JWT (JSON Web Token) Encoder & Decoder
Stars: ✭ 107 (-13.71%)
AdhritAndroid Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (+221.77%)
Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Stars: ✭ 977 (+687.9%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+212.9%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-29.84%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+356.45%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+354.84%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+354.03%)
Fisy FuzzThis is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (-11.29%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (-23.39%)
Openvas ScannerOpen Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+751.61%)