OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+561.01%)
TelemetrysourcererEnumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (-22.03%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (-5.26%)
Awesome Test AutomationA curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com
Stars: ✭ 4,712 (+818.52%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-16.76%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (-28.65%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (-45.61%)
Htrace.shMy simple Swiss Army knife for http/https troubleshooting and profiling.
Stars: ✭ 3,465 (+575.44%)
AutosploitAutomated Mass Exploiter
Stars: ✭ 4,500 (+777.19%)
HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (-22.42%)
Hackertarget🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
Stars: ✭ 320 (-37.62%)
GosecGolang security checker
Stars: ✭ 5,694 (+1009.94%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-24.17%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+789.08%)
Folder LockerIt a tiny tool to lock your folder without compression.
Stars: ✭ 308 (-39.96%)
Envizonnetwork visualization & vulnerability management/reporting
Stars: ✭ 382 (-25.54%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (-42.11%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-17.35%)
BanditBandit is a tool designed to find common security issues in Python code.
Stars: ✭ 3,763 (+633.53%)
Fwanalyzera tool to analyze filesystem images for security
Stars: ✭ 382 (-25.54%)
RmiscoutRMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
Stars: ✭ 296 (-42.3%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (-9.55%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (-43.86%)
PyupA tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
Stars: ✭ 379 (-26.12%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+582.85%)
ChroniclePublic append-only ledger microservice built with Slim Framework
Stars: ✭ 429 (-16.37%)
CloudfruntA tool for identifying misconfigured CloudFront domains
Stars: ✭ 281 (-45.22%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-2.53%)
Kube Psp AdvisorHelp building an adaptive and fine-grained pod security policy
Stars: ✭ 280 (-45.42%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+917.15%)
DgfraudA Deep Graph-based Toolbox for Fraud Detection
Stars: ✭ 281 (-45.22%)
Certificates🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Stars: ✭ 3,693 (+619.88%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (-17.54%)
OffensivedlrToolbox containing research notes & PoC code for weaponizing .NET's DLR
Stars: ✭ 364 (-29.04%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-45.81%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (-47.17%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (-47.95%)
MqueryYARA malware query accelerator (web frontend)
Stars: ✭ 264 (-48.54%)
SalusSecurity scanner coordinator
Stars: ✭ 441 (-14.04%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (-17.54%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-27.88%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-49.12%)
Devops ApiGolang + Beego 编写 提供开发/运维常用操作的HTTP API接口: 手机归属地查询、IP地址查询、工作日节假日判断、微信报警、钉钉报警、2步验证、密码存储、发送邮件、生成随机密码等功能
Stars: ✭ 258 (-49.71%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-28.46%)
Naza🍀 Go basic library. || Go语言基础库
Stars: ✭ 253 (-50.68%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-18.32%)
SpicypassA light-weight password manager with a focus on simplicity and security
Stars: ✭ 367 (-28.46%)
CertaintyAutomated cacert.pem management for PHP projects
Stars: ✭ 255 (-50.29%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (-50.49%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-29.24%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-50.29%)
SpyGenTrojan 🐍 (keylogger, take screenshots, open your webcam) 🔓
Stars: ✭ 115 (-77.58%)
DronesploitDrone pentesting framework console
Stars: ✭ 473 (-7.8%)
ThreatingestorExtract and aggregate threat intelligence.
Stars: ✭ 439 (-14.42%)