revshfuzzA tool for fuzzing for ports that allow outgoing connections
Stars: ✭ 18 (-86.36%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-40.91%)
Nmap-ParserParse nmap scan data with Perl (official repo)
Stars: ✭ 30 (-77.27%)
SwiftnessxA cross-platform note-taking & target-tracking app for penetration testers.
Stars: ✭ 673 (+409.85%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-28.79%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+637.88%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+3061.36%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+284.09%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-0.76%)
Vulnerable AdCreate a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360 (+172.73%)
SitadelWeb Application Security Scanner
Stars: ✭ 360 (+172.73%)
Nraynray distributed port scanner
Stars: ✭ 125 (-5.3%)
EspkeyWiegand data logger, replay device and micro door-controller
Stars: ✭ 114 (-13.64%)
Hunter(l)user hunter using WinAPI calls only
Stars: ✭ 359 (+171.97%)
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
Stars: ✭ 29 (-78.03%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+388.64%)
altprobecollector for XDR and security posture service
Stars: ✭ 62 (-53.03%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+387.88%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+816.67%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+804.55%)
kumasia./kumasia php simple backdoor
Stars: ✭ 13 (-90.15%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-81.06%)
RidrelayEnumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Stars: ✭ 359 (+171.97%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+218.94%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (+643.94%)
Objection📱 objection - runtime mobile exploration
Stars: ✭ 4,404 (+3236.36%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (+365.15%)
Searpy🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (-21.21%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+789.39%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (-59.85%)
PrintspooferAbusing Impersonation Privileges on Windows 10 and Server 2019
Stars: ✭ 613 (+364.39%)
lazyaircrackAutomated tool for WiFi hacking.
Stars: ✭ 301 (+128.03%)
BadpodsA collection of manifests that will create pods with elevated privileges.
Stars: ✭ 93 (-29.55%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (+644.7%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+170.45%)
dark-lord-obamaAV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities
Stars: ✭ 61 (-53.79%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+359.85%)
showmeRapid diagnostic system status tool (performance monitoring, network scanning, mysql performance monitoring, kubectl status)
Stars: ✭ 24 (-81.82%)
GirshAutomatically spawn a reverse shell fully interactive for Linux or Windows victim
Stars: ✭ 66 (-50%)
BeeloggerGenerate Gmail Emailing Keyloggers to Windows.
Stars: ✭ 605 (+358.33%)
Pentest LabPentest Lab on OpenStack with Heat, Chef provisioning and Docker
Stars: ✭ 353 (+167.42%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-13.64%)
Foolavcfoolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
Stars: ✭ 93 (-29.55%)
Dnsbrutea fast domain brute tool
Stars: ✭ 352 (+166.67%)
Cve 2019 07083389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Stars: ✭ 350 (+165.15%)
Grab.jsfast TCP banner grabbing with node.js
Stars: ✭ 33 (-75%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+161.36%)
Enum4linux NgA next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Stars: ✭ 349 (+164.39%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+162.12%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-13.64%)
P0wny ShellSingle-file PHP shell
Stars: ✭ 949 (+618.94%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+161.36%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (+157.58%)