WhatwebNext generation web scanner
Stars: ✭ 3,503 (+3300.97%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+289.32%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+337.86%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+377.67%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+385.44%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (+1152.43%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+521.36%)
Owasp MasvsThe Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
Stars: ✭ 1,030 (+900%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-23.3%)
Write Ups📚 VoidHack CTF write-ups
Stars: ✭ 45 (-56.31%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (+502.91%)
Digispark ScriptsUSB Rubber Ducky type scripts written for the DigiSpark.
Stars: ✭ 629 (+510.68%)
Timeless Timing AttacksA Python implementation that facilitates finding timeless timing attack vulnerabilities.
Stars: ✭ 45 (-56.31%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-13.59%)
Penetration Testing ToolsA collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Stars: ✭ 614 (+496.12%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-23.3%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+896.12%)
HerpaderpingProcess Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (+496.12%)
SeccubusEasy automated vulnerability scanning, reporting and analysis
Stars: ✭ 615 (+497.09%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+891.26%)
AttifyosAttify OS - Distro for pentesting IoT devices
Stars: ✭ 615 (+497.09%)
PrintspooferAbusing Impersonation Privileges on Windows 10 and Server 2019
Stars: ✭ 613 (+495.15%)
Decoder Plus PlusAn extensible application for penetration testers and software developers to decode/encode data into various formats.
Stars: ✭ 79 (-23.3%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+892.23%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+489.32%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+488.35%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-57.28%)
DotdotpwnDotDotPwn - The Directory Traversal Fuzzer
Stars: ✭ 601 (+483.5%)
Resource filesmosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-7.77%)
RobberRobber is open source tool for finding executables prone to DLL hijacking
Stars: ✭ 602 (+484.47%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-57.28%)
Corscanner Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (+483.5%)
PsattackA portable console aimed at making pentesting with PowerShell a little easier.
Stars: ✭ 1,021 (+891.26%)
GithacktoolsThe best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-24.27%)
MonkeyInfection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+5309.71%)
Cve 2019 11708Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.
Stars: ✭ 581 (+464.08%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-13.59%)
Griefing MethodsA documentation about how to hack Minecraft servers
Stars: ✭ 76 (-26.21%)
Cve 2018 18852CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
Stars: ✭ 42 (-59.22%)
Heap ViewerAn IDA Pro plugin to examine the glibc heap, focused on exploit development
Stars: ✭ 574 (+457.28%)
KeyloggerA simple keylogger for Windows, Linux and Mac
Stars: ✭ 1,007 (+877.67%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+442.72%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+5669.9%)
Local File Disclosure Sql Injection LabThis is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)
Stars: ✭ 41 (-60.19%)
Easy hackHack the World using Termux
Stars: ✭ 549 (+433.01%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-61.17%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+434.95%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+1204.85%)
BughunterTools for Bug Hunting
Stars: ✭ 95 (-7.77%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+31850.49%)
Security AssessmentScripts to automate some part of Security/Vulnerability Assessment
Stars: ✭ 75 (-27.18%)
FoxpwnExploit code for CVE-2016-9066
Stars: ✭ 39 (-62.14%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (+426.21%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (+430.1%)
RegslscanA tool for scanning registery key permissions. Find where non-admins can create symbolic links.
Stars: ✭ 39 (-62.14%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+428.16%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+1059.22%)