xecaPowerShell payload generator
Stars: ✭ 103 (+68.85%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (-18.03%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+485.25%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+1475.41%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-73.77%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (+1.64%)
Reverse Engineering TutorialA FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 5,763 (+9347.54%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+132.79%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (+32.79%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (+98.36%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+3095.08%)
Information SecurityA place where I can create, collect and share tooling, resources and knowledge about information security.
Stars: ✭ 135 (+121.31%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (+254.1%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+0%)
DevBrute-A Password Brute ForcerDevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: ✭ 91 (+49.18%)
Powershell Red TeamCollection of PowerShell functions a Red Teamer may use to collect data from a machine
Stars: ✭ 155 (+154.1%)
Zeek-Network-Security-MonitorA Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (-37.7%)
NTU-Computer-Security台大 計算機安全 - Pwn 簡報、影片、作業題目與解法 - Computer Security Fall 2019 @ CSIE NTU Taiwan
Stars: ✭ 293 (+380.33%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (-13.11%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-42.62%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-34.43%)
ghidra2dwarf🐉 Export ghidra decompiled code to dwarf sections inside ELF binary
Stars: ✭ 135 (+121.31%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+129.51%)
Hack4Squad💀 A bash hacking and scanning framework.
Stars: ✭ 45 (-26.23%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+47.54%)
CcatCloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Stars: ✭ 300 (+391.8%)
PatrowlHearsDataOpen-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
Stars: ✭ 66 (+8.2%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: ✭ 260 (+326.23%)
huntkitDocker - Ubuntu with a bunch of PenTesting tools and wordlists
Stars: ✭ 51 (-16.39%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+106.56%)
haaukinsA Highly Accessible and Automated Virtualization Platform for Security Education
Stars: ✭ 148 (+142.62%)
PocOrExp in Github聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+791.8%)
AzureAD Autologon BruteBrute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Stars: ✭ 90 (+47.54%)
rawsec-cybersecurity-inventoryAn inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (+150.82%)
exploitingExploiting challenges in Linux and Windows
Stars: ✭ 122 (+100%)
zBusterBash script for CTF automating basic enumeration
Stars: ✭ 20 (-67.21%)
Spray365Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
Stars: ✭ 233 (+281.97%)
Pentest-Service-EnumerationSuggests programs to run against services found during the enumeration phase of a Pentest
Stars: ✭ 80 (+31.15%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-26.23%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-37.7%)
DrGadgetdr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>
Stars: ✭ 61 (+0%)
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
Stars: ✭ 17 (-72.13%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+98.36%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (+122.95%)
URL-obfuscatorPython Program to obfuscate URLs to make Phishing attacks more difficult to detect. Uses Active open redirect list and other URL obfuscation techniques.
Stars: ✭ 101 (+65.57%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-55.74%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (+618.03%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (+536.07%)
WebspoiltThis script will you help to find the information about the website and to help in penetrating testing
Stars: ✭ 34 (-44.26%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+919.67%)