BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+761.17%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-8.74%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-15.53%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-32.04%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+5421.36%)
FeatherdusterAn automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
Stars: ✭ 876 (+750.49%)
Apache Ultimate Bad Bot BlockerApache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
Stars: ✭ 441 (+328.16%)
Scanlessonline port scan scraper
Stars: ✭ 875 (+749.51%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (+322.33%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+319.42%)
PentestingazureappsScript samples from the book Pentesting Azure Applications (2018, No Starch Press)
Stars: ✭ 69 (-33.01%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (+742.72%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+318.45%)
Leviathanwide range mass audit toolkit
Stars: ✭ 862 (+736.89%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+311.65%)
ExploitsMiscellaneous exploit code
Stars: ✭ 1,157 (+1023.3%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+733.98%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+310.68%)
ReverseapkQuickly analyze and reverse engineer Android packages
Stars: ✭ 419 (+306.8%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-5.83%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (+307.77%)
PwndocPentest Report Generator
Stars: ✭ 417 (+304.85%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+303.88%)
PwndraA collection of pwn/CTF related utilities for Ghidra
Stars: ✭ 417 (+304.85%)
BotbA container analysis and exploitation tool for pentesters and engineers.
Stars: ✭ 414 (+301.94%)
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-33.98%)
Wazuh ChefWazuh - Chef cookbooks
Stars: ✭ 9 (-91.26%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+300.97%)
PoweropsPowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
Stars: ✭ 412 (+300%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+1131.07%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+716.5%)
ApkurlgrepExtract endpoints from APK files
Stars: ✭ 405 (+293.2%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (+290.29%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-75.73%)
GhostwriterThe SpecterOps project management and reporting engine
Stars: ✭ 394 (+282.52%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+800.97%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (+280.58%)
XshockXSHOCK Shellshock Exploit
Stars: ✭ 65 (-36.89%)
WhitewidowSQL Vulnerability Scanner
Stars: ✭ 926 (+799.03%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+275.73%)
Envizonnetwork visualization & vulnerability management/reporting
Stars: ✭ 382 (+270.87%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+269.9%)
RaasnetOpen-Source Ransomware As A Service for Linux, MacOS and Windows
Stars: ✭ 371 (+260.19%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+4966.02%)
SecretscannerFind secrets and passwords in container images and file systems
Stars: ✭ 895 (+768.93%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+259.22%)