Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+4134.85%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+4121.21%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+341.67%)
PyrdpRDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Stars: ✭ 567 (+329.55%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-48.48%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (+329.55%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103 (-21.97%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+326.52%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+323.48%)
XshockXSHOCK Shellshock Exploit
Stars: ✭ 65 (-50.76%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+4402.27%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-21.97%)
NmapNmap - the Network Mapper. Github mirror of official SVN repository.
Stars: ✭ 5,792 (+4287.88%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+757.58%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+317.42%)
Smtptestersmall python3 tool to check common vulnerabilities in SMTP servers
Stars: ✭ 102 (-22.73%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+317.42%)
Awesome Internet ScanningA curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.
Stars: ✭ 130 (-1.52%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1291.67%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+1175.76%)
NaabuA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Stars: ✭ 1,121 (+749.24%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (+313.64%)
Attack Surface Detector BurpThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 63 (-52.27%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+4153.79%)
Hscan集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;使用oneforall自动遍历子域名并扫描;
Stars: ✭ 63 (-52.27%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (+303.79%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+950.76%)
NeedleThe iOS Security Testing Framework
Stars: ✭ 1,122 (+750%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (-53.03%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+288.64%)
Burp ParamalyzerParamalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
Stars: ✭ 102 (-22.73%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+285.61%)
RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
Stars: ✭ 1,109 (+740.15%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+4025%)
WeirdaalWeirdAAL (AWS Attack Library)
Stars: ✭ 503 (+281.06%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+278.03%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-4.55%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-10.61%)
Commando VmComplete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
[email protected] Stars: ✭ 5,030 (+3710.61%)
Nim SmbexecSMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique
Stars: ✭ 59 (-55.3%)
Awvs DecodeThe best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法,仅15行代码!
Stars: ✭ 488 (+269.7%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+933.33%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-56.06%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (+266.67%)
HackerproAll in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
Stars: ✭ 474 (+259.09%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+4650%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+928.03%)
Pathwar☠️ The Pathwar Project ☠️
Stars: ✭ 58 (-56.06%)