graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (+195.45%)
peneworkPenetration Test Framwork
Stars: ✭ 24 (-72.73%)
peniotPENIOT: Penetration Testing Tool for IoT
Stars: ✭ 164 (+86.36%)
pyhtoolsA Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.
Stars: ✭ 166 (+88.64%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (+55.68%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-85.23%)
pentesting-notesNotes from OSCP, CTF, security adventures, etc...
Stars: ✭ 38 (-56.82%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-78.41%)
SolnetSolana's .NET SDK and integration library.
Stars: ✭ 252 (+186.36%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+136.36%)
xmlrpc-bruteforcerAn XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)
Stars: ✭ 62 (-29.55%)
XRPCdotnet high performance remote interface and delegate invoke(RPC) communication components,support millions RPS remote interface method invokes
Stars: ✭ 77 (-12.5%)
rpcRPC-like client-service implementation over messaging queue
Stars: ✭ 26 (-70.45%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-65.91%)
S3ScanScript to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-76.14%)
pentest-toolsGeneral stuff for pentesting - password cracking, phishing, automation, Kali, etc.
Stars: ✭ 52 (-40.91%)
webreconAutomated Web Recon Shell Scripts
Stars: ✭ 48 (-45.45%)
Offensive-Security-CayuqueoScripts usados en mi formación de Offensive Security por medio de la suscripción Learn Unlimited
Stars: ✭ 14 (-84.09%)
filter-var-sqliBypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
Stars: ✭ 29 (-67.05%)
WPCrackerWordPress pentest tool
Stars: ✭ 34 (-61.36%)
toolsTools used for Penetration testing / Red Teaming
Stars: ✭ 63 (-28.41%)
sshamebrute force SSH public-key authentication
Stars: ✭ 43 (-51.14%)
mec-ngpentest toolbox
Stars: ✭ 28 (-68.18%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-73.86%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-71.59%)
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Stars: ✭ 109 (+23.86%)
FYIMy last 10 year's material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much more.
Stars: ✭ 194 (+120.45%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+43.18%)
nodejs grpcGRPC based API CRUD using Nodejs at both server and client side
Stars: ✭ 17 (-80.68%)
huntkitDocker - Ubuntu with a bunch of PenTesting tools and wordlists
Stars: ✭ 51 (-42.05%)
AutoPentest-DRLAutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning
Stars: ✭ 196 (+122.73%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-82.95%)
Dark-PhishDark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.
Stars: ✭ 57 (-35.23%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-48.86%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (+26.14%)
near-jsonrpc-client-rsLower-level API for interfacing with the NEAR Protocol via JSONRPC.
Stars: ✭ 32 (-63.64%)
DNSExplorerBash script that automates the enumeration of domains and DNS servers in the active information gathering.
Stars: ✭ 33 (-62.5%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (+44.32%)
reverieAutomated Pentest Tools Designed For Parrot Linux
Stars: ✭ 77 (-12.5%)
AntiEye:.IP webcam penetration test suit.:
Stars: ✭ 21 (-76.14%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-34.09%)
metagoofilSearch Google and download specific file types
Stars: ✭ 174 (+97.73%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-21.59%)
hrpcCommon interface definition based rpc implementation
Stars: ✭ 21 (-76.14%)
AlfredA friendly Toolkit for Beginner CTF players
Stars: ✭ 39 (-55.68%)
GoPhish-TemplatesGoPhish Templates that I have retired and/or templates I've recreated.
Stars: ✭ 76 (-13.64%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (+101.14%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-39.77%)
warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Stars: ✭ 53 (-39.77%)
clairvoyanceObtain GraphQL API Schema even if the introspection is not enabled
Stars: ✭ 448 (+409.09%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-80.68%)
STEWSA Security Tool for Enumerating WebSockets
Stars: ✭ 154 (+75%)
Red-Rabbit-V4The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow
Stars: ✭ 123 (+39.77%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (-42.05%)
c2A simple, extensible C&C beaconing system.
Stars: ✭ 93 (+5.68%)