Awesome HackingA collection of various awesome lists for hackers, pentesters and security researchers
Stars: ✭ 48,038 (+42791.07%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+162.5%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+77.68%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+6369.64%)
OctoA fuzzing library in JavaScript. ✨
Stars: ✭ 96 (-14.29%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-23.21%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+1015.18%)
FuzzanFuZZan: Efficient Sanitizer Metadata Design for Fuzzing
Stars: ✭ 81 (-27.68%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-8.04%)
BadpodsA collection of manifests that will create pods with elevated privileges.
Stars: ✭ 93 (-16.96%)
StormA blackbox mutational fuzzer for detecting critical bugs in SMT solvers
Stars: ✭ 79 (-29.46%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-20.54%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-13.39%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-26.79%)
Ssh MitmSSH man-in-the-middle tool
Stars: ✭ 1,328 (+1085.71%)
Slideswon't maintain
Stars: ✭ 79 (-29.46%)
AnsvifA Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-4.46%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-19.64%)
Optee fuzzerThis repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.
Stars: ✭ 78 (-30.36%)
Afl PatchesPatches to afl to fix bugs or add enhancements
Stars: ✭ 76 (-32.14%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-9.82%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+9231.25%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-35.71%)
Test Each🤖 Repeat tests. Repeat tests. Repeat tests.
Stars: ✭ 89 (-20.54%)
YamsA collection of Ansible roles for automating infosec builds.
Stars: ✭ 98 (-12.5%)
Ble Security Attack Defence✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
Stars: ✭ 88 (-21.43%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-6.25%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-24.11%)
Afl Snapshot LkmA Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.
Stars: ✭ 97 (-13.39%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+1024.11%)
Beef Over WanBrowser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
Stars: ✭ 82 (-26.79%)
HoundsploitAn advanced graphical search engine for Exploit-DB
Stars: ✭ 81 (-27.68%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-8.04%)
ArcheapArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
Stars: ✭ 80 (-28.57%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-16.07%)
StegextractDetect hidden files and text in images
Stars: ✭ 79 (-29.46%)
Fisy FuzzThis is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (-1.79%)
BrundlefuzzBrundleFuzz is a distributed fuzzer for Windows and Linux using dynamic binary instrumentation.
Stars: ✭ 78 (-30.36%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+1075%)
RsfThe Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-32.14%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-18.75%)
BoofuzzA fork and successor of the Sulley Fuzzing Framework
Stars: ✭ 1,180 (+953.57%)
Punk.pyunix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-4.46%)
RandomjsonProvides a Kotlin/Java library to create a random json string
Stars: ✭ 70 (-37.5%)
FirmaeTowards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
Stars: ✭ 91 (-18.75%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-9.82%)
ElmyrA utility to make Kotlin/Java tests random yet reproducible
Stars: ✭ 68 (-39.29%)
DomatoDOM fuzzer
Stars: ✭ 1,303 (+1063.39%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-39.29%)
Book📖 Guides and tutorials on how to fuzz Rust code
Stars: ✭ 67 (-40.18%)
RoadmapGitBook: OSCP RoadMap
Stars: ✭ 89 (-20.54%)
Mitm Scripts🔄 A collection of mitmproxy inline scripts
Stars: ✭ 109 (-2.68%)