Awesome Shodan Queriesπ A collection of interesting, funny, and depressing search queries to plug into shodan.io π©βπ»
Stars: β 2,758 (+786.82%)
PrivesccheckPrivilege Escalation Enumeration Script for Windows
Stars: β 1,032 (+231.83%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: β 44 (-85.85%)
HOUDINIHundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Stars: β 791 (+154.34%)
SecurityExplainedSecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
Stars: β 301 (-3.22%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: β 2,775 (+792.28%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: β 104 (-66.56%)
DnsbruteDNS Sub-domain brute forcer, in Python + gevent
Stars: β 40 (-87.14%)
meta enumeratorC++14 library to enhance enumerator capabilities, including arbitrary length, statically allocated, strongly typed masks.
Stars: β 21 (-93.25%)
DirhuntFind web directories without bruteforce
Stars: β 983 (+216.08%)
JwtcatA CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Stars: β 181 (-41.8%)
FuzzdictsWeb Pentesting Fuzz εε
Έ,δΈδΈͺε°±ε€δΊγ
Stars: β 4,013 (+1190.35%)
BabysploitπΆ BabySploit Beginner Pentesting Toolkit/Framework Written in Python π
Stars: β 883 (+183.92%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: β 27 (-91.32%)
DrozerThe Leading Security Assessment Framework for Android.
Stars: β 2,683 (+762.7%)
Ransom0Ransom0 is a open source ransomware made with Python, designed to find and encrypt user data.
Stars: β 105 (-66.24%)
HacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: β 3,741 (+1102.89%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: β 904 (+190.68%)
lua-enumEnumerated Types for Lua
Stars: β 16 (-94.86%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: β 835 (+168.49%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: β 173 (-44.37%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: β 833 (+167.85%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: β 814 (+161.74%)
Awesome OscpA curated list of awesome OSCP resources
Stars: β 804 (+158.52%)
Spray365Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
Stars: β 233 (-25.08%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: β 786 (+152.73%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: β 169 (-45.66%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: β 775 (+149.2%)
PowerProxyPowerShell SOCKS proxy with reverse proxy capabilities
Stars: β 29 (-90.68%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: β 764 (+145.66%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: β 103 (-66.88%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: β 754 (+142.44%)
LuciferA Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Stars: β 302 (-2.89%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: β 725 (+133.12%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: β 297 (-4.5%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: β 287 (-7.72%)
AndroticklerPenetration testing and auditing toolkit for Android apps.
Stars: β 225 (-27.65%)
Smtptestersmall python3 tool to check common vulnerabilities in SMTP servers
Stars: β 102 (-67.2%)
PasscatPasswords Recovery Tool
Stars: β 164 (-47.27%)
Lockdoor Frameworkπ Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: β 677 (+117.68%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: β 260 (-16.4%)
PycatPython network tool, similar to Netcat with custom features.
Stars: β 162 (-47.91%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: β 644 (+107.07%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: β 23 (-92.6%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: β 103 (-66.88%)
RogueAn extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Stars: β 225 (-27.65%)
Burp ParamalyzerParamalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
Stars: β 102 (-67.2%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: β 101 (-67.52%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: β 157 (-49.52%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: β 310 (-0.32%)
HettyHetty is an HTTP toolkit for security research.
Stars: β 3,596 (+1056.27%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: β 301 (-3.22%)