SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+646.67%)
SharkFuture Of Phishing With less delay
Stars: ✭ 150 (-16.67%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-46.67%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-27.78%)
Url ClassificationMachine learning to classify Malicious (Spam)/Benign URL's
Stars: ✭ 95 (-47.22%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-5.56%)
RobustpentestmacroThis is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.
Stars: ✭ 95 (-47.22%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-27.78%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+631.11%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-17.22%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-28.89%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (+610.56%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-3.33%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+588.33%)
PhishingkittrackerLet's track phishing kits to give to research community raw material to study !
Stars: ✭ 126 (-30%)
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-56.11%)
StuffUnsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
Stars: ✭ 146 (-18.89%)
SpartySparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]
Stars: ✭ 75 (-58.33%)
Nraynray distributed port scanner
Stars: ✭ 125 (-30.56%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+553.33%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-7.78%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+544.44%)
PurplecloudAn Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
Stars: ✭ 122 (-32.22%)
Ntlmscanscan for NTLM directories
Stars: ✭ 141 (-21.67%)
Pathwar☠️ The Pathwar Project ☠️
Stars: ✭ 58 (-67.78%)
EtherscamdbKeep track of all current ethereum scams in a large database
Stars: ✭ 121 (-32.78%)
EvilgradeEvilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
Stars: ✭ 1,086 (+503.33%)
PhishingkithunterFind phishing kits which use your brand/organization's files and image.
Stars: ✭ 177 (-1.67%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+496.11%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+982.78%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+398.33%)
Recreator PhishingPROFESSIONAL TOOL ORIENTED IN THE RECREATION OF PHISHING WEBSITES SCENARIOS
Stars: ✭ 136 (-24.44%)
ShellphishPhishing Tool for 18 social media: Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest
Stars: ✭ 1,037 (+476.11%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-35.56%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-9.44%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+460.56%)
VulrecVulnerability Recurrence:漏洞复现记录
Stars: ✭ 109 (-39.44%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-78.33%)
Sec ToolsDocker images for infosec tools
Stars: ✭ 135 (-25%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+4593.89%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-40%)
TechnowloggerTechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
Stars: ✭ 172 (-4.44%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+392.22%)
OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+742.22%)
SootyThe SOC Analysts all-in-one CLI tool to automate and speed up workflow.
Stars: ✭ 867 (+381.67%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-26.11%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+367.22%)
StinkyphishMonitor Certificate Transparency Logs For Phishing Domains
Stars: ✭ 25 (-86.11%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-14.44%)
Blackphish🔱 [ Phishing Made Easy ] 🔱 (In Beta)
Stars: ✭ 133 (-26.11%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-43.89%)
Grayfishlight weight phishing framework with 18+ pages.
Stars: ✭ 101 (-43.89%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+670.56%)
EnigmaMultiplatform payload dropper
Stars: ✭ 180 (+0%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-1.67%)