Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+278.79%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+381.82%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+5113.64%)
ServerscanServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Stars: ✭ 674 (+410.61%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-32.58%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-74.24%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+272.73%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (+370.45%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-3.03%)
Watf BankWaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
Stars: ✭ 87 (-34.09%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+579.55%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+1062.88%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (+868.94%)
BrutusA Python-powered exploitation framework and botnet.
Stars: ✭ 17 (-87.12%)
Jsql InjectionjSQL Injection is a Java application for automatic SQL database injection.
Stars: ✭ 891 (+575%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-34.09%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-87.88%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+532.58%)
Black WidowGUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124 (-6.06%)
Awesome Terminal CommandsAn awesome resource listing and explaining various commonly used *nix commands
Stars: ✭ 109 (-17.42%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-34.09%)
ScriptsScripts I use during pentest engagements.
Stars: ✭ 834 (+531.82%)
HashtopolisA Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (+532.58%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+531.06%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+6806.06%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+860.61%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+516.67%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+507.58%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+1204.55%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-6.06%)
VulrecVulnerability Recurrence:漏洞复现记录
Stars: ✭ 109 (-17.42%)
PompemFind exploit tool
Stars: ✭ 786 (+495.45%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-36.36%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+495.45%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+487.88%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+5003.79%)
C2hackC2Hack, sharing tips and tricks for pentesters
Stars: ✭ 124 (-6.06%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (-18.18%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+842.42%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+487.12%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+481.06%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-18.18%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-37.88%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+475.76%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-37.88%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-6.82%)
Awesome HackingA collection of various awesome lists for hackers, pentesters and security researchers
Stars: ✭ 48,038 (+36292.42%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-37.88%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+462.12%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-38.64%)
OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+1048.48%)
HoundsploitAn advanced graphical search engine for Exploit-DB
Stars: ✭ 81 (-38.64%)