AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (+413.43%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (+87.31%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+1359.7%)
Mobileapp Pentest CheatsheetThe Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Stars: ✭ 3,051 (+2176.87%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+405.97%)
Txtoolan easy pentesting tool.
Stars: ✭ 246 (+83.58%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+824.63%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+77.61%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+5035.82%)
FrackerPHP function tracker
Stars: ✭ 234 (+74.63%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+1168.66%)
FilesensorDynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具
Stars: ✭ 227 (+69.4%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+380.6%)
DrozerThe Leading Security Assessment Framework for Android.
Stars: ✭ 2,683 (+1902.24%)
PrismaticaResponsive Command and Control System
Stars: ✭ 81 (-39.55%)
RogueAn extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Stars: ✭ 225 (+67.91%)
HabuHacking Toolkit
Stars: ✭ 635 (+373.88%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (+62.69%)
BellaBella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-16.42%)
Darkspiritz🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Stars: ✭ 219 (+63.43%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+352.24%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+59.7%)
DeathstarUses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Stars: ✭ 1,221 (+811.19%)
SharpattackA simple wrapper for C# tools
Stars: ✭ 211 (+57.46%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+314.93%)
DecryptteamviewerEnumerate and decrypt TeamViewer credentials from Windows registry
Stars: ✭ 205 (+52.99%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-5.97%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (+52.24%)
DawsAdvanced Web Shell
Stars: ✭ 551 (+311.19%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+2790.3%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-41.79%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (+50.75%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+303.73%)
BetterbackdoorA backdoor with a multitude of features.
Stars: ✭ 195 (+45.52%)
CtfrAbusing Certificate Transparency logs for getting HTTPS websites subdomains.
Stars: ✭ 1,535 (+1045.52%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+44.03%)
Dns PersistDNS-Persist is a post-exploitation agent which uses DNS for command and control.
Stars: ✭ 191 (+42.54%)
RsfThe Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-43.28%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (+41.79%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+282.84%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (+39.55%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1958.21%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+35.82%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+776.12%)
JwtcatA CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Stars: ✭ 181 (+35.07%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+3963.43%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+32.09%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-19.4%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+272.39%)
Nimscan🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (+0%)
DedsploitNetwork protocol auditing framework
Stars: ✭ 133 (-0.75%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+1244.78%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-14.18%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-32.84%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+541.04%)
WirespyFramework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Stars: ✭ 293 (+118.66%)