1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+9676.32%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+1063.16%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+1939.47%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+742.11%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+655.26%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+2231.58%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+1852.63%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+3328.95%)
WsmanagerWebshell Manager
Stars: ✭ 99 (+160.53%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+60.53%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+2889.47%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (+578.95%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-34.21%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (+605.26%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (+26.32%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+1331.58%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+1942.11%)
JiraffeOne stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (+313.16%)
RPCScanTool to communicate with RPC services and check misconfigurations on NFS shares
Stars: ✭ 53 (+39.47%)
PwndocPentest Report Generator
Stars: ✭ 417 (+997.37%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+18968.42%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+15539.47%)
Awesome Security GistsA collection of various GitHub gists for hackers, pentesters and security researchers
Stars: ✭ 701 (+1744.74%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (+47.37%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (+78.95%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (+113.16%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+955.26%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+9844.74%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (+176.32%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+18010.53%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+1381.58%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-57.89%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+5028.95%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+268.42%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (+155.26%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (+234.21%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+573.68%)
PLtools整理一些内网常用渗透小工具
Stars: ✭ 227 (+497.37%)
CredsleakerCredsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
Stars: ✭ 247 (+550%)
phisherpriceAll In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Stars: ✭ 38 (+0%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+5371.05%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+268.42%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (+52.63%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (+57.89%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (+328.95%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+3234.21%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+273.68%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+1000%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+218.42%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (+215.79%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-13.16%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-7.89%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (+107.89%)