Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-60.64%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (-42.31%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-97.56%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-75.93%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-98.27%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-94.11%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+521.94%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-73.74%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-72.37%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+268%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-80.24%)
DirbleFast directory scanning and scraping tool
Stars: ✭ 468 (-76.23%)
Sec ToolsDocker images for infosec tools
Stars: ✭ 135 (-93.14%)
WpforceWordpress Attack Suite
Stars: ✭ 633 (-67.85%)
EvillimiterTool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (-61.2%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (-65.62%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (-60.59%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+293.7%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (-53.99%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-98.12%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (-50.53%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-93.3%)
Owasp Java EncoderThe OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (-82.58%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-83.65%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-77.15%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-83.75%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+148.7%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (-48.76%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (-45.51%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (-42.51%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-84.26%)
HabuHacking Toolkit
Stars: ✭ 635 (-67.75%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (-68.46%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-67.24%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-70.39%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-63.18%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (-54.95%)
FilterbypassBrowser's XSS Filter Bypass Cheat Sheet
Stars: ✭ 884 (-55.1%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-98.02%)
Pythempentest framework
Stars: ✭ 1,060 (-46.17%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+356.12%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (-54.09%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-95.07%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (-36.06%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (-40.27%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-93.4%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (-29.56%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-93.45%)
Okadminfinder3[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
Stars: ✭ 279 (-85.83%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+72.22%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (-54.44%)
XshockXSHOCK Shellshock Exploit
Stars: ✭ 65 (-96.7%)