Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (-26.41%)
Jsprimea javascript static security analysis tool
Stars: ✭ 556 (-32.03%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (-13.57%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (-12.59%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+581.17%)
ScapyScapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Stars: ✭ 6,932 (+747.43%)
SkyarkSkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Stars: ✭ 526 (-35.7%)
WhalerProgram to reverse Docker images into Dockerfiles
Stars: ✭ 670 (-18.09%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-21.15%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-11.37%)
Embaemba - An analyzer for Linux-based firmware of embedded devices.
Stars: ✭ 607 (-25.79%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (-6.23%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (-27.14%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (-31.17%)
EsdEnumeration sub domains(枚举子域名)
Stars: ✭ 785 (-4.03%)
CyphonOpen source incident management and response platform.
Stars: ✭ 543 (-33.62%)
R0akr0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
Stars: ✭ 698 (-14.67%)
Npq🎖safely* install packages with npm or yarn by auditing them as part of your install process
Stars: ✭ 513 (-37.29%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (-9.66%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-38.88%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (-17.73%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+741.32%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (-40.59%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+667.85%)
HabuHacking Toolkit
Stars: ✭ 635 (-22.37%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (-6.6%)
Security ListPenetrum LLC opensource security tool list.
Stars: ✭ 619 (-24.33%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (-11%)
Articles Translator📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (-25.92%)
PompemFind exploit tool
Stars: ✭ 786 (-3.91%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (-26.53%)
Fail2banDaemon to ban hosts that cause multiple authentication errors
Stars: ✭ 6,677 (+716.26%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+583.37%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (-7.09%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-30.81%)
Gg ShieldDetect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Stars: ✭ 708 (-13.45%)
Anti Ddos🔒 Anti DDOS | Bash Script Project 🔒
Stars: ✭ 561 (-31.42%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (-1.96%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-33.5%)
HardeningHardening Ubuntu. Systemd edition.
Stars: ✭ 705 (-13.81%)
SipviciousSIPVicious OSS is a set of security tools that can be used to audit SIP based VoIP systems.
Stars: ✭ 541 (-33.86%)
Grauditgrep rough audit - source code auditing tool
Stars: ✭ 747 (-8.68%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (-37.41%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-36.8%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (-5.26%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-37.78%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (-17.36%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-39%)
BluespawnAn Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (-9.9%)
Cs SuiteCloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (-0.37%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (-2.69%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-5.26%)
Red BaronAutomate creating resilient, disposable, secure and agile infrastructure for Red Teams.
Stars: ✭ 662 (-19.07%)