ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (-50.53%)
Pythempentest framework
Stars: ✭ 1,060 (-46.17%)
Web BrutatorFast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-95.07%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (-90.76%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (-54.44%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-91.37%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+45.35%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-89.23%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (-12.75%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (-91.98%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-98.73%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (-93.91%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-63.18%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-98.07%)
FlashRoute🚀 Takes minutes to explore the topology of all routable /24 prefixes in IPv4 address space. Now supports IPv6 scan!
Stars: ✭ 26 (-98.68%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-98.37%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+88.67%)
Dr0p1t FrameworkA framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (-42.51%)
XshockXSHOCK Shellshock Exploit
Stars: ✭ 65 (-96.7%)
Foxss-XSS-Penetration-Testing-ToolFoxss is a simple php based penetration Testing Tool.Currently it will help to find XSS vulnerability in websites.
Stars: ✭ 35 (-98.22%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-85.42%)
MS17010EXPLadon Moudle MS17010 Exploit for PowerShell
Stars: ✭ 40 (-97.97%)
GetPwdIt's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)
Stars: ✭ 46 (-97.66%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-98.22%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-99.34%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-99.09%)
offensive-docker-vpsCreate a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Stars: ✭ 66 (-96.65%)
Owasp Java EncoderThe OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (-82.58%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-83.65%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-77.15%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-83.75%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+148.7%)
One Lin3rGives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (-36.06%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-84.26%)
HabuHacking Toolkit
Stars: ✭ 635 (-67.75%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (-68.46%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+268%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-70.39%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+72.22%)
Hacker Roadmap📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+293.7%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (-45.51%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (-40.27%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-93.6%)
Ntlmscanscan for NTLM directories
Stars: ✭ 141 (-92.84%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-93.65%)
CodabilityUseful helpers for working with Codable types in Swift
Stars: ✭ 125 (-93.65%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-92.38%)
EnteletaorMessage Queue & Broker Injection tool
Stars: ✭ 139 (-92.94%)
Nraynray distributed port scanner
Stars: ✭ 125 (-93.65%)
PakuriPenetration test Achieve Knowledge Unite Rapid Interface
Stars: ✭ 125 (-93.65%)
Node Console ProbeInspect JavaScript object methods and properties in the console.
Stars: ✭ 139 (-92.94%)
Struts2 check一个用于识别目标网站是否采用Struts2框架开发的工具demo
Stars: ✭ 124 (-93.7%)
Msploitego Pentesting suite for Maltego based on data in a Metasploit database
Stars: ✭ 124 (-93.7%)
InstahackBest Tool For instagram bruteforce hacking Tool By EvilDevil
Stars: ✭ 139 (-92.94%)
Wifi HackingCyber Security Tool For Hacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2/TKIP/IES)
Stars: ✭ 138 (-92.99%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-93.7%)