FuzzdictsWeb Pentesting Fuzz 字典,一个就够了。
Stars: ✭ 4,013 (+3796.12%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+1102.91%)
DeltaPROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
Stars: ✭ 55 (-46.6%)
Ctf NotesEverything needed for doing CTFs
Stars: ✭ 304 (+195.15%)
hackipyHacking, pen-testing, and cyber-security related tools built with Python.
Stars: ✭ 26 (-74.76%)
Commando VmComplete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
[email protected] Stars: ✭ 5,030 (+4783.5%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-30.1%)
behindflareThis tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
Stars: ✭ 14 (-86.41%)
rsmReverse shell manager using tmux and ncat
Stars: ✭ 29 (-71.84%)
Awvs DecodeThe best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法,仅15行代码!
Stars: ✭ 488 (+373.79%)
On PwningMy solutions to some CTF challenges and a list of interesting resources about pwning stuff
Stars: ✭ 87 (-15.53%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-66.99%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (+369.9%)
Umbraco-RCEUmbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Stars: ✭ 61 (-40.78%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+644.66%)
BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (+194.17%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+5987.38%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+1039.81%)
BootstompBootStomp: a bootloader vulnerability finder
Stars: ✭ 303 (+194.17%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+637.86%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (+192.23%)
BashCollection of bash scripts I wrote to make my life easier or test myself that you may find useful.
Stars: ✭ 19 (-81.55%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+349.51%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-55.34%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+1224.27%)
iskanKubernetes Native, Runtime Container Image Scanning
Stars: ✭ 35 (-66.02%)
AutosploitAutomated Mass Exploiter
Stars: ✭ 4,500 (+4268.93%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (+325.24%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+191.26%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-31.07%)
YamsA collection of Ansible roles for automating infosec builds.
Stars: ✭ 98 (-4.85%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-6.8%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+188.35%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-20.39%)
SkaSimple Karma Attack
Stars: ✭ 55 (-46.6%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+632.04%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (+188.35%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-33.01%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-15.53%)
Pwdlyser-CLIPython-based CLI Password Analyser (Reporting Tool)
Stars: ✭ 29 (-71.84%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (+335.92%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (+779.61%)
Go DorkThe fastest dork scanner written in Go.
Stars: ✭ 274 (+166.02%)
Grauditgrep rough audit - source code auditing tool
Stars: ✭ 747 (+625.24%)
Teamviewer permissions hook v1A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.
Stars: ✭ 297 (+188.35%)
BadmodCMS auto detect and exploit.
Stars: ✭ 296 (+187.38%)
BinexpLinux Binary Exploitation
Stars: ✭ 742 (+620.39%)
WirespyFramework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Stars: ✭ 293 (+184.47%)
Dnscat2 PowershellA Powershell client for dnscat2, an encrypted DNS command and control tool.
Stars: ✭ 295 (+186.41%)
VbscanOWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (+186.41%)