FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+277.57%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+269.66%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-68.24%)
VbscanOWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (-65.17%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-23.85%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+392.68%)
Pentest Tools FrameworkPentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Stars: ✭ 48 (-94.33%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-95.28%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+313.58%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (-24.44%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+755.49%)
JsshellAn interactive multi-user web JS shell
Stars: ✭ 330 (-61.04%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (-61.75%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-61.28%)
DnsliveryEasy files and payloads delivery over DNS
Stars: ✭ 332 (-60.8%)
RbndrSimple DNS Rebinding Service
Stars: ✭ 343 (-59.5%)
Sanic Ms基于sanic的微服务基础架构
Stars: ✭ 336 (-60.33%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (-59.27%)
BillcipherInformation Gathering tool for a Website or IP address
Stars: ✭ 332 (-60.8%)
Cve 2019 07083389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Stars: ✭ 350 (-58.68%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (-57.5%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (-6.61%)
AiodnsSimple DNS resolver for asyncio
Stars: ✭ 370 (-56.32%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-56.32%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (-56.79%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+391.38%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-7.2%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-62.22%)
KatanaA Python Tool For google Hacking
Stars: ✭ 355 (-58.09%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+516.06%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+1042.03%)
GodnsA dynamic DNS client tool supports AliDNS, Cloudflare, Google Domains, DNSPod, HE.net & DuckDNS & DreamHost, etc, written in Go.
Stars: ✭ 784 (-7.44%)
Xeexe TopantivirusevasionUndetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable
Stars: ✭ 387 (-54.31%)
Warp Plus CloudflareScript for getting unlimited GB on Warp+ ( https://1.1.1.1/ )
Stars: ✭ 381 (-55.02%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (-53.84%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-52.42%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (-52.66%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-52.18%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (-50.53%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (-52.18%)
YsoserialA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+467.65%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (-50.18%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (-8.5%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-49.59%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-8.5%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-49.94%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-49%)
PybeltThe hackers tool belt
Stars: ✭ 435 (-48.64%)
Encrypted DnsConfiguration profiles for DNS HTTPS and DNS over TLS for iOS 14 and MacOS Big Sur
Stars: ✭ 455 (-46.28%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (-9.8%)
Aioslackerslacker wrapper for asyncio
Stars: ✭ 23 (-97.28%)
AirgeddonThis is a multi-use bash script for Linux systems to audit wireless networks.
Stars: ✭ 3,830 (+352.18%)
PocAdvisories, proof of concept files and exploits that have been made public by @pedrib.
Stars: ✭ 376 (-55.61%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-50.06%)
Dns Rebind ToolkitA front-end JavaScript toolkit for creating DNS rebinding attacks.
Stars: ✭ 435 (-48.64%)