H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+353.41%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-82.08%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (-66.38%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+296.4%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+38.74%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-95.44%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+283.69%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (-88.33%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (-87.64%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (-61.08%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-98.44%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+35.84%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-83.43%)
Openvas ScannerOpen Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (-54.19%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-83.6%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-95.53%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (-72.54%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (-20.87%)
Nndefacctsnnposter's alternate fingerprint dataset for Nmap script http-default-accounts
Stars: ✭ 180 (-92.19%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (-89.54%)
Intrigue CoreDiscover Your Attack Surface!
Stars: ✭ 1,013 (-56.05%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (-56.23%)
VulnfanaticA Binary Ninja plugin for vulnerability research.
Stars: ✭ 203 (-91.19%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (-97.66%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-92.97%)
RedTeam toolkitRed Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Stars: ✭ 301 (-86.94%)
KillshotA Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Stars: ✭ 237 (-89.72%)
scan-cli-pluginDocker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Stars: ✭ 135 (-94.14%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-98.96%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-96.88%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-96.57%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-96.27%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-98.7%)
nseNmap NSE scripts
Stars: ✭ 23 (-99%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-92.97%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-95.44%)
Grinder🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)
Stars: ✭ 209 (-90.93%)
VbscanOWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (-87.2%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-85.86%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+27.64%)
CelerystalkAn asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
Stars: ✭ 333 (-85.55%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-84.69%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-95.05%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-84.25%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (-88.42%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (-65.47%)
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (-64.16%)
WhourTool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-99.22%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-92.06%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-88.68%)
VanquishVanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (-80.52%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+319.65%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (-63.25%)
Pentest Tools FrameworkPentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Stars: ✭ 48 (-97.92%)