SpoofcheckSimple script that checks a domain for email protections
Stars: ✭ 437 (+158.58%)
Cli🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Stars: ✭ 2,151 (+1172.78%)
Cookie crimesRead local Chrome cookies without root or decrypting
Stars: ✭ 434 (+156.8%)
PgenCommand-line passphrase generator
Stars: ✭ 68 (-59.76%)
GosecGolang security checker
Stars: ✭ 5,694 (+3269.23%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-33.14%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+150.89%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+5306.51%)
ChroniclePublic append-only ledger microservice built with Slim Framework
Stars: ✭ 429 (+153.85%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-1.18%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (+150.3%)
EhtoolsWi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+149.7%)
Nordvpn NetworkmanagerA CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.
Stars: ✭ 111 (-34.32%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+146.15%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-62.72%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+144.97%)
RelayerSMB Relay Attack Script
Stars: ✭ 136 (-19.53%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-48.52%)
Gg ShieldDetect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Stars: ✭ 708 (+318.93%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+552.66%)
TelemetrysourcererEnumerate and disable common sources of telemetry used by AV/EDR.
Stars: ✭ 400 (+136.69%)
SyswallWork in progress firewall for Linux syscalls, written in Rust
Stars: ✭ 110 (-34.91%)
HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (+135.5%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+2191.72%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+318.34%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+539.64%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-49.11%)
HardeningHardening Ubuntu. Systemd edition.
Stars: ✭ 705 (+317.16%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+126.04%)
Mitm Scripts🔄 A collection of mitmproxy inline scripts
Stars: ✭ 109 (-35.5%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+125.44%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+534.91%)
Myscanmyscan 被动扫描
Stars: ✭ 373 (+120.71%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+979.29%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+116.57%)
Linux Secureboot KitTool for complete hardening of Linux boot chain with UEFI Secure Boot
Stars: ✭ 54 (-68.05%)
OffensivedlrToolbox containing research notes & PoC code for weaponizing .NET's DLR
Stars: ✭ 364 (+115.38%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+118.93%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-68.64%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (+117.16%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-4.14%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+114.79%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-36.09%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (+113.02%)
RtaRed team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
Stars: ✭ 358 (+111.83%)
ApisecuritybestpracticesResources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
Stars: ✭ 1,745 (+932.54%)
R0akr0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
Stars: ✭ 698 (+313.02%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+300.59%)
ServerscanServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Stars: ✭ 674 (+298.82%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+497.04%)
Attiny85RubberDucky like payloads for DigiSpark Attiny85
Stars: ✭ 169 (+0%)
Finshir💫 An asynchronous Low & Slow traffic generator, written in Rust
Stars: ✭ 168 (-0.59%)
AndroidlibraryAndroid library to reveal or obfuscate strings and assets at runtime
Stars: ✭ 162 (-4.14%)