Attack ToolsUtilities for MITRE™ ATT&CK
Stars: ✭ 810 (+852.94%)
PwndocPentest Report Generator
Stars: ✭ 417 (+390.59%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+843.53%)
PoweropsPowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
Stars: ✭ 412 (+384.71%)
Oscp PwkThis is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.
Stars: ✭ 406 (+377.65%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (+376.47%)
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-7.06%)
Pi Pwnbox RogueapHomemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Stars: ✭ 798 (+838.82%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+9020%)
ParadoxiaratParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (+364.71%)
GoscanInteractive Network Scanner
Stars: ✭ 795 (+835.29%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+356.47%)
SsrfmapSimple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (-41.18%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+824.71%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+812.94%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+357.65%)
BackdorosbackdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.
Stars: ✭ 50 (-41.18%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+812.94%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+7825.88%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+348.24%)
MilkyA .NET Standard library for pentesting web apps against credential stuffing attacks.
Stars: ✭ 49 (-42.35%)
SqlmapAutomatic SQL injection and database takeover tool
Stars: ✭ 21,907 (+25672.94%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+344.71%)
RaasnetOpen-Source Ransomware As A Service for Linux, MacOS and Windows
Stars: ✭ 371 (+336.47%)
Azure SentinelCloud-native SIEM for intelligent security analytics for your entire enterprise.
Stars: ✭ 1,208 (+1321.18%)
Awesome Cobaltstrikecobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources
Stars: ✭ 1,157 (+1261.18%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+1114.12%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+6038.82%)
Vulnhub Ctf WriteupsThis cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Stars: ✭ 368 (+332.94%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+332.94%)
FlareAn analytical framework for network traffic and behavioral analytics
Stars: ✭ 363 (+327.06%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+794.12%)
Vulnerable AdCreate a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360 (+323.53%)
PentestingazureappsScript samples from the book Pentesting Azure Applications (2018, No Starch Press)
Stars: ✭ 69 (-18.82%)
Owasp MasvsThe Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
Stars: ✭ 1,030 (+1111.76%)
Packer FuzzerPacker Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Stars: ✭ 753 (+785.88%)
SitadelWeb Application Security Scanner
Stars: ✭ 360 (+323.53%)
RidrelayEnumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Stars: ✭ 359 (+322.35%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+1101.18%)
Pidense🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)
Stars: ✭ 358 (+321.18%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+787.06%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+320%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+1102.35%)
Poshc2A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Stars: ✭ 747 (+778.82%)
WalrusAn Android app that lets you use your access control card cloning devices in the field.
Stars: ✭ 350 (+311.76%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+772.94%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (+305.88%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (+300%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+302.35%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-20%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+756.47%)