RedTeam toolkitRed Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Stars: ✭ 301 (+128.03%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-74.24%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+451.52%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+471.21%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-89.39%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-34.85%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-72.73%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+853.79%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-83.33%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+429.55%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+485.61%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+838.64%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+93.94%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (+106.06%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (+103.03%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+24831.06%)
GoscanInteractive Network Scanner
Stars: ✭ 795 (+502.27%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+487.88%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+5772.73%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-28.79%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+127.27%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-18.94%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+148.48%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+159.09%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (+586.36%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+790.91%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+3053.03%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+896.97%)
PakuriPenetration test Achieve Knowledge Unite Rapid Interface
Stars: ✭ 125 (-5.3%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-31.82%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+193.94%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (+200%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+778.79%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+178.79%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+206.82%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+887.12%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+223.48%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+219.7%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+628.03%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+6300.76%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-70.45%)
NetcatNetCat for Windows
Stars: ✭ 463 (+250.76%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+250.76%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+712.88%)
SkaSimple Karma Attack
Stars: ✭ 55 (-58.33%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: ✭ 1,032 (+681.82%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+718.94%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+717.42%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-23.48%)