Ssh Mitmssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation
Stars: ✭ 335 (+172.36%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+52.03%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-34.15%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+47.97%)
TlsfuzzerSSL and TLS protocol test suite and fuzzer
Stars: ✭ 335 (+172.36%)
Nndefacctsnnposter's alternate fingerprint dataset for Nmap script http-default-accounts
Stars: ✭ 180 (+46.34%)
Fsocietyfsociety Hacking Tools Pack – A Penetration Testing Framework
Stars: ✭ 7,224 (+5773.17%)
AnteaterAnteater - CI/CD Gate Check Framework
Stars: ✭ 174 (+41.46%)
Webapp ChecklistTechnical details that a programmer of a web application should consider before making the site public.
Stars: ✭ 320 (+160.16%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (-5.69%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (+33.33%)
Striptlsproxy poc implementation of STARTTLS stripping attacks
Stars: ✭ 163 (+32.52%)
Cs SuiteCloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (+562.6%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (+28.46%)
CsetCybersecurity Evaluation Tool
Stars: ✭ 304 (+147.15%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (+27.64%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-35.77%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (+19.51%)
BadmodCMS auto detect and exploit.
Stars: ✭ 296 (+140.65%)
Gcp AuditA tool for auditing security properties of GCP projects.
Stars: ✭ 140 (+13.82%)
WindowsAwesome tools to exploit Windows !
Stars: ✭ 816 (+563.41%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+2445.53%)
CloudsploitCloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (+987.8%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1467.48%)
DependencycheckOWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Stars: ✭ 3,571 (+2803.25%)
Shellen🌸 Interactive shellcoding environment to easily craft shellcodes
Stars: ✭ 799 (+549.59%)
XxexploiterTool to help exploit XXE vulnerabilities
Stars: ✭ 243 (+97.56%)
CommixAutomated All-in-One OS Command Injection Exploitation Tool.
Stars: ✭ 3,016 (+2352.03%)
DownloadsAD Health Check, Send HTML Email, Ping machines, Encrypt Password,Bulk Password,Microsoft Teams,Monitor Certificate expiry, Monitor cert expiry, AD attributes, IP to Hostname, Export AD group, CSV to SQL,Shutdown, Restart, Local Admin, Disk Space, Account expiry,Restore Permissions, Backup permissions, Delete Files Older Than X-Days, export DHCP options,Read Registry,Distribution group AD attributes,Monitor Windows Services,Export Reverse DNS,Task Monitor,Monitor and alert, Exchange Health check,Get Network Info, Export AD Attributes,AD group members, Office 365 Group member, SQL to CSV, Outlook save send attachments, Upload files to FTP,Exchange – Total Messages Sent Received, Set Teams Only Mode, Intune Duplicate Device,Intune Cleanup Not Evaluated, Ownership and Grant Permissions, Write Create Modify Registry , Organization Hierarchy from AD,Azure AD Privileged Identity Management,Intune – Export MAM Devices,Intune Marking devices as Corporate, Dynamic to Static Distribution Group,Monitor Alert Office 365 services,Group Member Count,Bulk Addition external users sharepoint, ADD to Exchange online License Group,All in One Office 365 Powershell,Bulk Addition of Secondary Email, Automate move mailboxes to o365, Addition Modification Termination Exchange users, Monitoring Unified Messaging port,Unified Messaging Extensions Report, Set Default Quota for SharePoint,Bulk Contact Creation and Forwarding, Uploading and Downloading files sftp, Monitoring Sftp file and download, Office 365 groups Write back, CSV parser, Email address update, Email address modify, MDM enrollment, Welcome Email, Intune Welcome Email, remove messages, remove email, SKOB to AD, SKOB to group, PowerApps report, Powerautomate Report, Flow report, Server QA, Server Check List, O365 IP range, IP range Monitor, o365 Admin Roles, memberof extraction, CSV to Excel, Skype Policy, UPN Flip, Rooms Report, License Reconciliation,Intune Bulk Device Removal, Device Removal, Clear Activesync, Lync Account Termination,Lync Account Removal, Enable office 365 services, Enable o365 Services, Export PST, Site collection Report, Office 365 Group Sites, System Admin,ActiveSync Report,White Space,Active Directory attributes, outlook automation, Intune Detect App, Distribution list Fix, Legacy DN, start service, stop service, disable service, Message tracking, Distribution lists report,Distribution groups report,Quota Report, Auto reply, out of office, robocopy multi session, Home Folder, local admin, Database, UPN SIP Mismatch, Recoverable deleted, teams number, Number assignment, teams phone, AD Group Hierarchy, Hierarchy membership, Sync Groups
Stars: ✭ 75 (-39.02%)
ShellabLinux and Windows shellcode enrichment utility
Stars: ✭ 225 (+82.93%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (+112.2%)
Cve 2019 9810Exploit for CVE-2019-9810 Firefox on Windows 64-bit.
Stars: ✭ 200 (+62.6%)
PasscoreA self-service password management tool for Active Directory
Stars: ✭ 787 (+539.84%)
Ciscorv320dumpCVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!
Stars: ✭ 198 (+60.98%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+594.31%)
XropTool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC
Stars: ✭ 195 (+58.54%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-9.76%)
Smart-Contract-Security-AuditsCertified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting
Stars: ✭ 325 (+164.23%)
BlisqyVersion 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
Stars: ✭ 179 (+45.53%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+523.58%)
KarkinosA thorough library database to assist with binary exploitation tasks.
Stars: ✭ 170 (+38.21%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-50.41%)
Mqtt PwnMQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.
Stars: ✭ 156 (+26.83%)
NotrulerThe opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
Stars: ✭ 72 (-41.46%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: ✭ 69 (-43.9%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-5.69%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-7.32%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-16.26%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-27.64%)
NfcgateAn NFC research toolkit application for Android
Stars: ✭ 425 (+245.53%)
codecatCodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.
Stars: ✭ 265 (+115.45%)