ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-36.84%)
Privacy RespectingCurated List of Privacy Respecting Services and Software
Stars: ✭ 1,663 (+872.51%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-14.04%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-29.82%)
ExeinExein core for Linux based firmware
Stars: ✭ 158 (-7.6%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120 (-29.82%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-14.62%)
Cloud Discovery Cloud Discovery provides a point in time enumeration of all the cloud native platform services
Stars: ✭ 119 (-30.41%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-4.68%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-32.16%)
AnsibleplaybooksA collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
Stars: ✭ 143 (-16.37%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (-31.58%)
SojoboA binary analysis framework
Stars: ✭ 116 (-32.16%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-33.92%)
Rastrea2rCollecting & Hunting for IOCs with gusto and style
Stars: ✭ 169 (-1.17%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-18.13%)
Bag Of HoldingAn application to assist in the organization and prioritization of software security activities.
Stars: ✭ 114 (-33.33%)
Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (+1320.47%)
Netsec Ps ScriptsCollection of PowerShell network security scripts for system administrators.
Stars: ✭ 139 (-18.71%)
Outisoutis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).
Stars: ✭ 111 (-35.09%)
AndroidlibraryAndroid library to reveal or obfuscate strings and assets at runtime
Stars: ✭ 162 (-5.26%)
Docbleach🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software
Stars: ✭ 110 (-35.67%)
Cli🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Stars: ✭ 2,151 (+1157.89%)
Fisy FuzzThis is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (-35.67%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-11.11%)
Backfuzzprotocol fuzzing toolkit
Stars: ✭ 106 (-38.01%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+966.67%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-0.58%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-38.6%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-38.6%)
JwtA JWT (JSON Web Token) Encoder & Decoder
Stars: ✭ 107 (-37.43%)
ApisecuritybestpracticesResources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
Stars: ✭ 1,745 (+920.47%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-12.28%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-22.22%)
KarnSimplifying Seccomp enforcement in containerized or non-containerized apps
Stars: ✭ 104 (-39.18%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-39.77%)
UddupUrls de-duplication tool for better recon.
Stars: ✭ 103 (-39.77%)
Web ShellsSome of the best web shells that you might need!
Stars: ✭ 162 (-5.26%)
DiscordcryptEnd-To-End File & Message Encryption For Discord
Stars: ✭ 150 (-12.28%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-21.64%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+691.81%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-40.94%)
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (+931.58%)
FugaciousOSSSM (awesome). Open source short-term secure messaging
Stars: ✭ 100 (-41.52%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-12.28%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1194.15%)
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Stars: ✭ 100 (-41.52%)
PowershellarmouryA PowerShell armoury for penetration testers or other random security guys
Stars: ✭ 99 (-42.11%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-23.39%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-42.11%)
Bountystrike ShPoor (rich?) man's bug bounty pipeline
Stars: ✭ 168 (-1.75%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-5.26%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1430.41%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-23.98%)
SliverAdversary Simulation Framework
Stars: ✭ 1,348 (+688.3%)
SquealerTelling tales on you for leaking secrets!
Stars: ✭ 97 (-43.27%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-25.15%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-43.27%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-12.87%)