ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+412.68%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (+21.83%)
H1domainsHackerOne "in scope" domains
Stars: ✭ 223 (+57.04%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+28.17%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+206.34%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+460.56%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+6128.17%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+4323.24%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+2379.58%)
PyupA tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
Stars: ✭ 379 (+166.9%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+142.96%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+242.25%)
Syzkallersyzkaller is an unsupervised coverage-guided kernel fuzzer
Stars: ✭ 3,841 (+2604.93%)
SoteriaPlugin to block compilation when unapproved dependencies are used or code styling does not comply.
Stars: ✭ 36 (-74.65%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-56.34%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (+154.23%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+6334.51%)
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-44.37%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+1792.25%)
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (+1142.25%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-18.31%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1169.01%)
Cli🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Stars: ✭ 2,151 (+1414.79%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-19.72%)
Snopfsnopf USB password token
Stars: ✭ 113 (-20.42%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-18.31%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-5.63%)
SojoboA binary analysis framework
Stars: ✭ 116 (-18.31%)
Personal Security Checklist🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021
Stars: ✭ 2,388 (+1581.69%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-19.72%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+1458.45%)
Bag Of HoldingAn application to assist in the organization and prioritization of software security activities.
Stars: ✭ 114 (-19.72%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1106.34%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-8.45%)
Clr MeterpreterThe full story of the CLR implementation of Meterpreter
Stars: ✭ 137 (-3.52%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-20.42%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-9.86%)
Outisoutis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).
Stars: ✭ 111 (-21.83%)
Nordvpn NetworkmanagerA CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.
Stars: ✭ 111 (-21.83%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1193.66%)
Docbleach🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software
Stars: ✭ 110 (-22.54%)
SyswallWork in progress firewall for Linux syscalls, written in Rust
Stars: ✭ 110 (-22.54%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (+0%)
ConsolemeA Central Control Plane for AWS Permissions and Access
Stars: ✭ 2,631 (+1752.82%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1184.51%)
SilenttrinityAn asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+1144.37%)
Fisy FuzzThis is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (-22.54%)
DekstereconWeb Application recon automation
Stars: ✭ 109 (-23.24%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-12.68%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-23.94%)
EmbedosEmbedOS - Embedded security testing virtual machine
Stars: ✭ 108 (-23.94%)
EncpipeThe dum^H^H^Hsimplest encryption tool in the world.
Stars: ✭ 135 (-4.93%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-14.08%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-23.94%)
JwtA JWT (JSON Web Token) Encoder & Decoder
Stars: ✭ 107 (-24.65%)
Burp ExporterExporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.
Stars: ✭ 122 (-14.08%)
Backfuzzprotocol fuzzing toolkit
Stars: ✭ 106 (-25.35%)