Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+267.16%)
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-9.7%)
HackerproAll in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
Stars: ✭ 474 (+253.73%)
Watf BankWaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
Stars: ✭ 87 (-35.07%)
ImagejsSmall tool to package javascript into a valid image file.
Stars: ✭ 828 (+517.91%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+245.52%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-1.49%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+1168.66%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-2.24%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+6702.99%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-14.93%)
BlackratBlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-35.07%)
AtscanAdvanced dork Search & Mass Exploit Scanner
Stars: ✭ 817 (+509.7%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+706.72%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+935.07%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (+235.07%)
Nmap Nse InfoBrowse and search through nmap's NSE scripts.
Stars: ✭ 54 (-59.7%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (-11.19%)
Pentest⛔️ offsec batteries included
Stars: ✭ 1,063 (+693.28%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+4144.03%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+507.46%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+224.63%)
Pythempentest framework
Stars: ✭ 1,060 (+691.04%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-35.07%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+498.51%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+1185.07%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+216.42%)
SsrfmapSimple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (-62.69%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (+216.42%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+214.93%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-64.18%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (+213.43%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1354.48%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+210.45%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-27.61%)
StriptagsAn implementation of PHP's strip_tags in Typescript.
Stars: ✭ 409 (+205.22%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+661.94%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-2.24%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+1359.7%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+494.03%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-67.16%)
PsattackA portable console aimed at making pentesting with PowerShell a little easier.
Stars: ✭ 1,021 (+661.94%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+5685.07%)
GhostwriterThe SpecterOps project management and reporting engine
Stars: ✭ 394 (+194.03%)
Oscp AutomationA collection of personal scripts used in hacking excercises.
Stars: ✭ 118 (-11.94%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+846.27%)
GoscanInteractive Network Scanner
Stars: ✭ 795 (+493.28%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+490.3%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+8456.72%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-15.67%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-35.82%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+486.57%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+479.1%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+4927.61%)