WebspoiltThis script will you help to find the information about the website and to help in penetrating testing
Stars: ✭ 34 (-95.57%)
PandorasBoxSecurity tool to quickly audit Public Box files and folders.
Stars: ✭ 56 (-92.7%)
PwndocPentest Report Generator
Stars: ✭ 417 (-45.63%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-65.06%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-81.49%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-82.4%)
Enum4linux NgA next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Stars: ✭ 349 (-54.5%)
TrapePeople tracker on the Internet: OSINT analysis and research tool by Jose Pino
Stars: ✭ 6,753 (+780.44%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (-79.4%)
Wifi PassviewAn open source batch script based WiFi Passview for Windows!
Stars: ✭ 157 (-79.53%)
Instagram HackerThis is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!
Stars: ✭ 156 (-79.66%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (-45.76%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-65.97%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (-28.16%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (-11.6%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-79.66%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-77.71%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (-64.67%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-67.41%)
BopscrkTool to generate smart and powerful wordlists
Stars: ✭ 273 (-64.41%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+316.95%)
Oscp PwkThis is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.
Stars: ✭ 406 (-47.07%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-75.23%)
EastExploits and Security Tools Framework 2.0.1
Stars: ✭ 283 (-63.1%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-47.2%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-47.46%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (-66.62%)
CloudscraperCloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Stars: ✭ 276 (-64.02%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+308.21%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+718.9%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-16.04%)
T LoadNew Interface And Loading Screen For Termux Users
Stars: ✭ 207 (-73.01%)
GobyAttack surface mapping
Stars: ✭ 446 (-41.85%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-72.1%)
BugbountyscannerA Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
Stars: ✭ 229 (-70.14%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-29.07%)
RubyfuRubyfu, where Ruby goes evil!
Stars: ✭ 228 (-70.27%)
OsintgramOsintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (-59.32%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (-87.48%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (-62.45%)
Windows Post ExploitationWindows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
Stars: ✭ 296 (-61.41%)
Impulse💣 Impulse Denial-of-service ToolKit
Stars: ✭ 538 (-29.86%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (-61.93%)
ParadoxiaratParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (-48.5%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (-7.82%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-61.28%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-29.47%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (-48.37%)