JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+83.48%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-67.25%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+124.64%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+2463.48%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-82.03%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-79.13%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-47.25%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+23.77%)
HabuHacking Toolkit
Stars: ✭ 635 (+84.06%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+882.9%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+2548.41%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+47.54%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+915.36%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-75.36%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1022.61%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+111.01%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (-22.61%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+293.33%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+4.06%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (+4.64%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+114.2%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+49.86%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+130.72%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-64.06%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-86.96%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-53.04%)
ZigdiggityA ZigBee hacking toolkit by Bishop Fox
Stars: ✭ 169 (-51.01%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-50.43%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-53.04%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-49.86%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+1117.97%)
Apk Meditmemory search and patch tool on debuggable apk without root & ndk
Stars: ✭ 189 (-45.22%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-45.8%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-44.93%)
Honggfuzz RsFuzz your Rust code with Google-developed Honggfuzz !
Stars: ✭ 222 (-35.65%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-54.78%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-46.96%)
gvm-toolsRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (-58.55%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+896.81%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (-13.91%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (-83.19%)
ZbangzBang is a risk assessment tool that detects potential privileged account threats
Stars: ✭ 224 (-35.07%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (-85.51%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (-15.36%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-83.19%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-91.59%)
Hackertarget🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
Stars: ✭ 320 (-7.25%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (-55.65%)
NetpwnTool made to automate tasks of pentesting.
Stars: ✭ 152 (-55.94%)
H1domainsHackerOne "in scope" domains
Stars: ✭ 223 (-35.36%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-14.78%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-82.61%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+920.58%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-93.04%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-89.86%)
ORtesterOpen Redirect scanner - (out of date)
Stars: ✭ 24 (-93.04%)