Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


Projects in Awesome Lists tagged with pentest

A curated list of projects in awesome lists tagged with pentest.

https://github.com/nahamsec/resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss

Last synced: 03 Dec 2024

https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss

Last synced: 31 Oct 2024

https://github.com/secwiki/windows-kernel-exploits

windows-kernel-exploits: a collection of Windows privilege escalation vulnerabilities

collections exploit kernel pentest tool windows

Last synced: 19 Dec 2024

https://github.com/SecWiki/windows-kernel-exploits

windows-kernel-exploits: a collection of Windows privilege escalation vulnerabilities

collections exploit kernel pentest tool windows

Last synced: 24 Oct 2024

https://github.com/sensepost/objection

📱 objection - runtime mobile exploration

android framework frida instrumentation ios mobile pentest security

Last synced: 16 Dec 2024

https://github.com/epi052/feroxbuster

A fast, simple, recursive content discovery tool written in Rust.

content-discovery enumeration hacktoberfest pentest pentesting-tool rust url-bruteforcer web

Last synced: 16 Dec 2024

https://github.com/k8gege/k8tools

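K8 tools collection (intranet penetration / privilege escalation tools / remote overflow / vulnerability exploitation / scanning tools / password cracking / AV-evasion tools / Exploit / APT / 0day / Shellcode / Payload / privilege / BypassUAC / OverFlow / WebShell / PenTest) Web GetShell Exploit (Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)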

0day apt brute-force bypass crack database exploit getshell hacking netscan password pentest poc privilege-escalation scanner

Last synced: 19 Dec 2024

https://github.com/k8gege/K8tools

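K8 tools collection (intranet penetration / privilege escalation tools / remote overflow / vulnerability exploitation / scanning tools / password cracking / AV-evasion tools / Exploit / APT / 0day / Shellcode / Payload / privilege / BypassUAC / OverFlow / WebShell / PenTest) Web GetShell Exploit (Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)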

0day apt brute-force bypass crack database exploit getshell hacking netscan password pentest poc privilege-escalation scanner

Last synced: 01 Nov 2024

https://github.com/six2dez/reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities

Last synced: 18 Dec 2024

https://github.com/ihebski/DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting

Last synced: 03 Nov 2024

https://github.com/ffffffff0x/1earn

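A security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and write-ups for various practice targets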

blueteam collection ctf hacking ics-security infosec linux-learning markdown-article pentest pentest-tool poc post-penetration redteam security security-tools study writeup

Last synced: 17 Dec 2024

https://github.com/ihebski/defaultcreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting

Last synced: 29 Oct 2024

https://github.com/k8gege/ladon

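Ladon, a large-scale intranet penetration scanner: PowerShell, Cobalt Strike plugin, in-memory loading, fileless scanning. Includes port scanning, service identification, network asset discovery, password auditing, high-risk vulnerability detection, vulnerability exploitation, password reading, and one-click GetShell. Supports batch scanning of class A/B/C ranges and scanning across network segments, as well as scanning of URL, host, and domain lists. Network asset discovery uses 32 protocols (ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP) or methods to quickly obtain the target network's live host IPs, computer names, workgroups, shared resources, NIC addresses, operating system versions, websites, subdomains, middleware, open services, routers, switches, databases, printers, etc., plus a large number of high-risk vulnerability detection modules: MS17010, Zimbra, Exchange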

brute-force exp exploit getshell hack hacking ipscanner ladon netscan password pentest poc portscan scanner security security-scanner security-tools tools

Last synced: 20 Dec 2024

https://github.com/k8gege/Ladon

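Ladon, a large-scale intranet penetration tool that can be used as PowerShell modules, as a Cobalt Strike (CS) plugin, and loaded in memory, with fileless scanning. Includes port scanning, service identification, network asset discovery, password auditing, high-risk vulnerability detection, vulnerability exploitation, password reading, and one-click GetShell. Supports batch scanning of class A/B/C ranges and scanning across network segments, as well as scanning of URL, host, and domain lists. Ladon 12.2 has 262 built-in functions; its 32 network asset discovery modules use multiple protocols (ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP) and methods to quickly obtain the target network's live host IPs, computer names, workgroups, shared resources, NIC addresses, operating system versions, websites, subdomains, middleware, open services, routers, switches, databases, printers, and other information; its 16 high-risk vulnerability detection modules include MS17010, Zimbra, Exchange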

brute-force exp exploit getshell hack hacking ipscanner ladon netscan password pentest poc portscan scanner security security-scanner security-tools tools

Last synced: 11 Nov 2024

https://github.com/undeadsec/socialfish

Phishing Tool & Information Collector

educational pentest pentesting phishing python undead

Last synced: 17 Dec 2024

https://github.com/UndeadSec/SocialFish

Phishing Tool & Information Collector

educational pentest pentesting phishing python undead

Last synced: 30 Oct 2024

https://github.com/lcvvvv/kscan

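Kscan is an all-round scanner developed purely in Go, with port scanning, protocol detection, fingerprint identification, brute forcing, and other functions. It supports 1200+ protocols, 10000+ protocol fingerprints, 20000+ application fingerprints, and brute forcing of more than 10 protocols.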

brute-force bruteforce exploit fingerprint pentest red-team redteam scanner security webscan

Last synced: 19 Dec 2024

https://github.com/t3l3machus/villain

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools

Last synced: 20 Dec 2024

https://github.com/t3l3machus/Villain

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools

Last synced: 01 Nov 2024

https://github.com/foospidy/payloads

Git All the Payloads! A collection of web attack payloads.

appsec cybersecurity hacking passwords payload payloads pentest sqli web-attack-payloads xss

Last synced: 19 Dec 2024

https://github.com/lanjelot/patator

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

brute-force pentest

Last synced: 16 Dec 2024

https://github.com/nixawk/pentest-wiki

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

hacking pentest security

Last synced: 20 Dec 2024

https://github.com/zan8in/afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

afrog bug-bounty penetration-testing pentest poc red-teaming vulnerability-scanner vulnerability-scanning-tools

Last synced: 17 Dec 2024

https://github.com/snooppr/snoop

Snoop: a reconnaissance tool based on open data (OSINT world)

blueteam ctf geo geocoder infosec ip nickname osint parser pentest police redteam scanner scraping security termux username username-checker username-search web-scraping

Last synced: 18 Dec 2024

https://github.com/ascotbe/kernelhub

🌴 Linux, macOS, Windows kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (privilege escalation vulnerability collection)

cve cve-2021-26868 cve-2021-33739 cve-2021-34486 cve-2021-36934 cve-2021-40444 cve-2021-40449 cve-2021-42278 cve-2021-42287 cve-2022-21882 cve-2022-26937 cve-2022-30206 cve-2022-33679 cve-2022-34718 exploits kernel linux pentest tool windows

Last synced: 20 Dec 2024

https://github.com/Ascotbe/Kernelhub

🌴 Linux, macOS, Windows kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (privilege escalation vulnerability collection)

cve cve-2021-26868 cve-2021-33739 cve-2021-34486 cve-2021-36934 cve-2021-40444 cve-2021-40449 cve-2021-42278 cve-2021-42287 cve-2022-21882 cve-2022-26937 cve-2022-30206 cve-2022-33679 cve-2022-34718 exploits kernel linux pentest tool windows

Last synced: 05 Nov 2024

https://github.com/christophetd/cloudflair

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

censys cloudflare pentest pentest-tool

Last synced: 18 Dec 2024

https://github.com/christophetd/CloudFlair

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

censys cloudflare pentest pentest-tool

Last synced: 30 Oct 2024

https://github.com/matro7sh/bypassav

This map lists the essential techniques to bypass anti-virus and EDR

av bypass edr markdown mindmap pentest redteam

Last synced: 20 Dec 2024

https://github.com/rewardone/oscprepo

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

oscp penetration-testing pentest reconscan

Last synced: 21 Dec 2024

https://github.com/rewardone/OSCPRepo

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

oscp penetration-testing pentest reconscan

Last synced: 09 Nov 2024

https://github.com/voorivex/pentest-guide

Penetration tests guide based on OWASP including test cases, resources and examples.

bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup

Last synced: 30 Nov 2024

https://github.com/Voorivex/pentest-guide

Penetration tests guide based on OWASP including test cases, resources and examples.

bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup

Last synced: 24 Oct 2024

https://github.com/cujanovic/ssrf-testing

SSRF (Server Side Request Forgery) testing resources

pentest pentest-tool pentesting server-side-request-forgery ssrf

Last synced: 03 Nov 2024

https://github.com/matro7sh/BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

av bypass edr markdown mindmap pentest redteam

Last synced: 01 Nov 2024

https://github.com/cujanovic/SSRF-Testing

SSRF (Server Side Request Forgery) testing resources

pentest pentest-tool pentesting server-side-request-forgery ssrf

Last synced: 25 Oct 2024

https://github.com/th3xace/sudo_killer

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

abuse-sudo ctf cve exploits linux-exploits misconfiguration oscp oscp-journey oscp-prep oscp-tools pentest pentest-tool privilege-escalation sudo sudo-exploitation

Last synced: 19 Dec 2024

https://github.com/m0rtem/cloudfail

Utilize misconfigured DNS and old database records to find hidden IPs behind the CloudFlare network

bruteforce cloudflare cloudflare-ip database ip pentest pentesting python3 recon scanner tor

Last synced: 20 Dec 2024

https://github.com/TH3xACE/SUDO_KILLER

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

abuse-sudo ctf cve exploits linux-exploits misconfiguration oscp oscp-journey oscp-prep oscp-tools pentest pentest-tool privilege-escalation sudo sudo-exploitation

Last synced: 07 Nov 2024

https://github.com/m0rtem/CloudFail

Utilize misconfigured DNS and old database records to find hidden IPs behind the CloudFlare network

bruteforce cloudflare cloudflare-ip database ip pentest pentesting python3 recon scanner tor

Last synced: 28 Oct 2024

https://github.com/sevagas/macro_pack

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

macros meterpreter msoffice obfuscation pentest redteam social-engineering vba

Last synced: 30 Sep 2024

https://github.com/evilcos/xssor2

XSS'OR - Hack with JavaScript.

csrf encoding hack hacking-tool pentest pentest-tool probe xss

Last synced: 14 Oct 2024

https://github.com/inonshk/31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

api-pentest api-security bug-bounty bugbounty bugbountytips infosec pentest security

Last synced: 26 Oct 2024

https://github.com/isafeblue/trackray

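TrackRay (溯光) 3 beta ⚡ penetration testing framework (asset scanning | fingerprint identification | brute forcing | web crawling | port scanning | vulnerability scanning | code auditing | AWVS | NMAP | Metasploit | SQLMap)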

pentest vulnerability

Last synced: 21 Dec 2024

https://github.com/iSafeBlue/TrackRay

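TrackRay (溯光) 3 beta ⚡ penetration testing framework (asset scanning | fingerprint identification | brute forcing | web crawling | port scanning | vulnerability scanning | code auditing | AWVS | NMAP | Metasploit | SQLMap)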

pentest vulnerability

Last synced: 05 Nov 2024

https://github.com/bhavsec/reconspider

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

automated cybersecurity framework hacking information-gathering osint pentest pentesting python recon reconnaissance scanner security

Last synced: 30 Oct 2024

https://github.com/gquere/pwn_jenkins

Notes about attacking Jenkins servers

exploit hacking jenkins pentest rce

Last synced: 19 Dec 2024

https://github.com/insightglacier/dictionary-of-pentesting

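Dictionary collection project for areas such as Pentesting, Fuzzing, Bruteforce and BugBounty. A collection of dictionaries for penetration testing, SRC vulnerability hunting, brute forcing, fuzzing, and similar work.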

bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi

Last synced: 15 Dec 2024

https://github.com/insightglacier/Dictionary-Of-Pentesting

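Dictionary collection project for areas such as Pentesting, Fuzzing, Bruteforce and BugBounty. A collection of dictionaries for penetration testing, SRC vulnerability hunting, brute forcing, fuzzing, and similar work.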

bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi

Last synced: 21 Nov 2024

https://github.com/anouarbensaad/vulnx

vulnx 🕷️ an intelligent Bot, Shell that can achieve automatic injection and help researchers detect security vulnerabilities in CMS systems. It can perform quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information, time zone, etc.) and vulnerability scanning.

auto-exploiter bot cloudflare-detection cms-detector crawler detects-vulnerabilities dorks exploits hacking information-gathering pentest security-tools shell-injection subdomains-gathering vulnerability vulnerability-assessment vulnerability-detection vulnerability-exploit website-vulnerability-scanner wp-scanner

Last synced: 20 Dec 2024

https://github.com/lefayjey/linwinpwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

active-directory adcs adsecurity bloodhound enumeration exploitation hacking impacket kerberoast kerberos mssql penetration-testing pentest pentest-tool pentesting

Last synced: 19 Dec 2024

https://github.com/lefayjey/linWinPwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

active-directory adcs adsecurity bloodhound enumeration exploitation hacking impacket kerberoast kerberos mssql penetration-testing pentest pentest-tool pentesting

Last synced: 21 Nov 2024

https://github.com/owtf/owtf

Offensive Web Testing Framework (OWTF) is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

framework kali-linux owasp owtf pentest python security web-application-security

Last synced: 29 Oct 2024

https://github.com/HolyBugx/HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

api api-security bugbounty bugbounty-writeups bugbountytips checklist pentest pentesting security web webapp websecurity writeups

Last synced: 21 Nov 2024

https://github.com/cytopia/pwncat

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and it's fully scriptable with Python (PSE)

bind-shell cytopia-sec local-port-forward local-port-forwarding nc ncat netcat penetration-testing pentest pentest-tool pentesting pentesting-tool pivoting port-forwarding portforward pwncat remote-port-forward remote-port-forwarding remote-shell reverse-shell

Last synced: 20 Dec 2024

https://github.com/al0ne/vxscan

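A comprehensive scanning tool written in Python 3, mainly for liveness checks, sensitive file detection (directory scanning / API endpoints leaked in JS / leaks in HTML comments), WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, POC scanning, SQL injection, CDN bypass, lookup of co-hosted sites, and similar functions. Intended mainly for in-house self-testing or authorized third-party testing; do not use it to cause damage.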

cdn detection directory-scanning fingerprint fingerprint-recognition-error identification pentest poc-scanning port-scanning portscan python python3 scan-tool security-tools tools waf website-fingerprint

Last synced: 15 Dec 2024

https://github.com/al0ne/Vxscan

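A comprehensive scanning tool written in Python 3, mainly for liveness checks, sensitive file detection (directory scanning / API endpoints leaked in JS / leaks in HTML comments), WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, POC scanning, SQL injection, CDN bypass, lookup of co-hosted sites, and similar functions. Intended mainly for in-house self-testing or authorized third-party testing; do not use it to cause damage.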

cdn detection directory-scanning fingerprint fingerprint-recognition-error identification pentest poc-scanning port-scanning portscan python python3 scan-tool security-tools tools waf website-fingerprint

Last synced: 25 Oct 2024

https://github.com/1n3/findsploit

Find exploits in local and online databases instantly

bugbounty exploitdb exploits find hackers metasploit nmap pentest search

Last synced: 15 Dec 2024

https://github.com/quentinhardy/odat

ODAT: Oracle Database Attacking Tool

oracle-database pentest pentest-tool privilege-escalation

Last synced: 19 Dec 2024

https://github.com/1N3/Findsploit

Find exploits in local and online databases instantly

bugbounty exploitdb exploits find hackers metasploit nmap pentest search

Last synced: 30 Oct 2024

https://github.com/gosecure/pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

hacktoberfest honeypot mitm pentest pyrdp rdp security

Last synced: 18 Dec 2024

https://github.com/TryCatchHCF/Cloakify

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

av-evasion cipher cryptography data-exfiltration dlp exfiltration hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting privacy red-team security security-tools steganography stego

Last synced: 01 Nov 2024

https://github.com/GoSecure/pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

hacktoberfest honeypot mitm pentest pyrdp rdp security

Last synced: 25 Oct 2024

https://github.com/ron190/jsql-injection

jSQL Injection is a Java application for automatic SQL database injection.

ctf-tools devops docker hacking hibernate java kali-linux pentest sonarcloud spock spring-boot sql-injection

Last synced: 30 Oct 2024

https://github.com/v-byte-cpu/sx

🖖 Fast, modern, easy-to-use network scanner

arp docker go icmp infosec ipv4 lan network pentest proxy recon scan scanner security socks socks5 syn tcp udp wan

Last synced: 21 Dec 2024

https://github.com/Syslifters/sysreptor

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

cdsa chhb cpts hackthebox infosectools offsec oscp osed osee osep oswa oswe oswp penetration-testing pentest pentesting-tool reporting reporting-tool security-assessment security-audit

Last synced: 09 Nov 2024

https://github.com/0x00-0x00/shellpop

Pop shells like a master.

bind hacking pentest pop-shells remote reverse shell

Last synced: 15 Dec 2024