Trending repositories for topic pentest
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
A collection of hacking tools, resources and references to practice ethical hacking.
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
Program for determining types of files for Windows, Linux and MacOS.
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges ...
A list of resources for those interested in getting started in bug bounties
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
An auto-updating list of shodan dorks with info on the amount of results they return!
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Program for determining types of files for Windows, Linux and MacOS.
A list of resources for those interested in getting started in bug bounties
A fast, simple, recursive content discovery tool written in Rust.
A collection of hacking tools, resources and references to practice ethical hacking.
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
An auto-updating list of shodan dorks with info on the amount of results they return!
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Tool set for Information security professionals and all others
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking tools, resources and references to practice ethical hacking.
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Program for determining types of files for Windows, Linux and MacOS.
A fast, simple, recursive content discovery tool written in Rust.
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
A list of resources for those interested in getting started in bug bounties
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
An auto-updating list of shodan dorks with info on the amount of results they return!
CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cl...
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
Automated tool for patching APKs to enable the use of Frida gadget by downloading the library and injecting code into the main activity.
Frida Script Runner is a versatile web-based tool designed for Android and iOS penetration testing purposes.
Tool set for Information security professionals and all others
The goal of this guide is very simple - to teach anyone interested in cyber security, regardless of their knowledge level, how to make the most of Netlas.io.
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
An auto-updating list of shodan dorks with info on the amount of results they return!
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
Interact with Hackthebox using your terminal - Be faster and more competitive !
ThreatTracer - A python Script to identify CVE by name & version by @FR13ND0x7F
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cl...
Frida Script Runner is a versatile web-based tool designed for Android and iOS penetration testing purposes.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking tools, resources and references to practice ethical hacking.
Program for determining types of files for Windows, Linux and MacOS.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
A fast, simple, recursive content discovery tool written in Rust.
A list of resources for those interested in getting started in bug bounties
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
The goal of this guide is very simple - to teach anyone interested in cyber security, regardless of their knowledge level, how to make the most of Netlas.io.
Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
A small script to resolve domains to Azure AD tenants (and OAuth login portals)
CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications ...
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
A nostalgic journey back to the era of retro RPGs with a cyber twist in the theme of Die Hard
