Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+337.11%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+363.92%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+1207.22%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+4948.45%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+377.32%)
Search That Hash🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+380.41%)
Wahh extrasThe Web Application Hacker's Handbook - Extra Content
Stars: ✭ 428 (+341.24%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+6363.92%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+1197.94%)
ReconpiReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
Stars: ✭ 490 (+405.15%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+419.59%)
Cve 2019 0604cve-2019-0604 SharePoint RCE exploit
Stars: ✭ 91 (-6.19%)
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Stars: ✭ 506 (+421.65%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-13.4%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+1187.63%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+432.99%)
Saint👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]
Stars: ✭ 522 (+438.14%)
BrutesploitBruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
Stars: ✭ 424 (+337.11%)
HackerproAll in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
Stars: ✭ 474 (+388.66%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+424.74%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+5688.66%)
CmseekCMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
Stars: ✭ 1,296 (+1236.08%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+468.04%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+468.04%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+473.2%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+33826.8%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+501.03%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-15.46%)
KeyloggerGet Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
Stars: ✭ 604 (+522.68%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+540.21%)
Impulse💣 Impulse Denial-of-service ToolKit
Stars: ✭ 538 (+454.64%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (+504.12%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (+556.7%)
Instabruteforcehacking-tool termux-tools termux noob-friendly instagram-bot bruteforce-password-cracker wordlist-technique
Stars: ✭ 86 (-11.34%)
Koa2 RatelimitRate-limiting middleware for Koa2 ES6. Use to limit repeated requests to APIs and/or endpoints such as password reset.
Stars: ✭ 81 (-16.49%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+6994.85%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+620.62%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+677.32%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+336.08%)
Onexonex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.
Stars: ✭ 537 (+453.61%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+563.92%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+614.43%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+683.51%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+710.31%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+728.87%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+9297.94%)
TrapePeople tracker on the Internet: OSINT analysis and research tool by Jose Pino
Stars: ✭ 6,753 (+6861.86%)
SsbSecure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server
Stars: ✭ 832 (+757.73%)
AvaxAVAX is a small, modern and fast console application for decrypting passwords with certain options.
Stars: ✭ 19 (-80.41%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+831.96%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+767.01%)
Jsql InjectionjSQL Injection is a Java application for automatic SQL database injection.
Stars: ✭ 891 (+818.56%)