NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+281.25%)
SmershSmersh is a pentest oriented collaborative tool used to track the progress of your company's missions.
Stars: ✭ 43 (+168.75%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+42912.5%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+65218.75%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+19887.5%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+1693.75%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+12081.25%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+1412.5%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (+50%)
FSEC-VMBackend logic implementation for Vulnerability Management System
Stars: ✭ 19 (+18.75%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (+393.75%)
quick-scriptsA collection of my quick and dirty scripts for vulnerability POC and detections
Stars: ✭ 73 (+356.25%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (+137.5%)
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (+443.75%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (+568.75%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+3787.5%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+4537.5%)
pyc2bytecodeA Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (+337.5%)
dorothyDorothy is a tool to test security monitoring and detection for Okta environments
Stars: ✭ 85 (+431.25%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (+168.75%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (+93.75%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (+275%)
rawsec-cybersecurity-inventoryAn inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (+856.25%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+5518.75%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+181.25%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+23118.75%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (+425%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (+1568.75%)
Cyber-SecurityThis repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.
Stars: ✭ 42 (+162.5%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (+431.25%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (+106.25%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (+1600%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+1775%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+1500%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+2131.25%)
Open-source-tools-for-CTIPublic Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (+468.75%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+23518.75%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+1900%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (+281.25%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+4743.75%)
Awesome Security GistsA collection of various GitHub gists for hackers, pentesters and security researchers
Stars: ✭ 701 (+4281.25%)
PwndocPentest Report Generator
Stars: ✭ 417 (+2506.25%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+2406.25%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+2662.5%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+2812.5%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+2318.75%)
OpcdeOPCDE Cybersecurity Conference Materials
Stars: ✭ 538 (+3262.5%)