PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+18182.78%)
sharkBest Tool For Phishing, Future Of Phishing
Stars: ✭ 238 (+32.22%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-28.89%)
RPCScanTool to communicate with RPC services and check misconfigurations on NFS shares
Stars: ✭ 53 (-70.56%)
k8badusbBadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit
Stars: ✭ 32 (-82.22%)
ShellpopPop shells like a master.
Stars: ✭ 1,279 (+610.56%)
Dark-PhishDark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.
Stars: ✭ 57 (-68.33%)
Awvs DecodeThe best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法,仅15行代码!
Stars: ✭ 488 (+171.11%)
Facebook-phishingPhishing Facebook Page in Django Code(Python Based)
Stars: ✭ 129 (-28.33%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-3.33%)
TgaHackingSocial Media Hacking & Information Tool
Stars: ✭ 71 (-60.56%)
DirbleFast directory scanning and scraping tool
Stars: ✭ 468 (+160%)
woodpeckerCustom security distro for remote penetration testing
Stars: ✭ 45 (-75%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+588.33%)
PhishruffusIntelligent threat hunter and phishing servers
Stars: ✭ 44 (-75.56%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-56.11%)
PhishingkittrackerLet's track phishing kits to give to research community raw material to study !
Stars: ✭ 126 (-30%)
VisualBasicObfuscatorVisual Basic Code universal Obfuscator intended to be used during penetration testing assignments.
Stars: ✭ 115 (-36.11%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+145.56%)
nclnuclei framework scripts
Stars: ✭ 25 (-86.11%)
Nac bypassScript collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-56.11%)
skweezFast website scraper and wordlist generator
Stars: ✭ 49 (-72.78%)
GraphqlmapGraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
Stars: ✭ 434 (+141.11%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (-33.33%)
StuffUnsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
Stars: ✭ 146 (-18.89%)
ApeXUsing Social Engineering To Obtain WiFi Passwords
Stars: ✭ 87 (-51.67%)
PowerhubA post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Stars: ✭ 431 (+139.44%)
SpartySparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]
Stars: ✭ 75 (-58.33%)
ThePhishThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+275.56%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+132.78%)
GoPhish-TemplatesGoPhish Templates that I have retired and/or templates I've recreated.
Stars: ✭ 76 (-57.78%)
Nraynray distributed port scanner
Stars: ✭ 125 (-30.56%)
Phishing-DatasetPhishing dataset with more than 88,000 instances and 111 features. Web application available at. https://gregavrbancic.github.io/Phishing-Dataset/
Stars: ✭ 21 (-88.33%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-70.56%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+553.33%)
leetspeekOpen and collaborative content from leet hackers!
Stars: ✭ 11 (-93.89%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+123.89%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-7.78%)
Blackeye-for-WindowsThis is a Phishing tool. Phishing is a type of hacking also called credential harvesting. It creates fake websites for victims to login which saves their login info which includes IP, User-Agent, Username and Password to a file in the computer running Blackeye. This tool has been there for Linux and even Android via Termux. I converted it to Win…
Stars: ✭ 38 (-78.89%)
GdogA fully featured Windows backdoor that uses Gmail as a C&C server
Stars: ✭ 399 (+121.67%)
PhishiousAn open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
Stars: ✭ 397 (+120.56%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+544.44%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-21.11%)
Ss7maperSS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/
Stars: ✭ 394 (+118.89%)
termux-wifiBash script which installs and runs the Fluxion tool inside Termux, a wireless security auditing tool used to perform attacks such as WPA/WPA2 cracking and MITM attacks.
Stars: ✭ 406 (+125.56%)
PurplecloudAn Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
Stars: ✭ 122 (-32.22%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-86.67%)
Pentesterspecialdict渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker
Stars: ✭ 391 (+117.22%)
EnigmaMultiplatform payload dropper
Stars: ✭ 180 (+0%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-1.67%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-16.67%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-26.67%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+330.56%)