Trending repositories for topic pentesting
Hunt down social media accounts by username across social networks
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Test your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command ...
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
A collection of hacking tools, resources and references to practice ethical hacking.
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
My ESP32-Deauther ported to the RTL8720dn, allowing users to deauthenticate on 5GHz now!
A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.
ThreatTracer - A python Script to identify CVE by name & version by @FR13ND0x7F
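This project uses a large language model together with a crawler to search GitHub for all projects that contain valuable vulnerability information, vulnerability PoCs, or rule information. It automatically identifies each project's directory structure and README, then summarizes, analyzes, and categorizes them. The collected projects can help security practitioners gather vulnerability information, PoC information, rules, and more.
🧿 AutorizePro is a powerful Burp plugin for detecting broken access control. By adding AI-assisted analysis and further optimizing the detection logic, it greatly reduces the false-positive rate and improves the efficiency of detecting authorization-bypass vulnerabilities. [ AutorizePro is an authorization enforcement detection extension for Burp Suite. By adding AI-assisted analysis, it si...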
RedTiger-Tools is a free multi-tool with many features in the areas of Cybersecurity, Pentesting, OSINT, Network Scanning, Discord and Hacking.
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
🧑🏻💻 Professional bspwm desktop environment for kali linux for hacking, of all kinds, with custom shortcuts, scripts, s4vitar configurations, among other things.
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Hunt down social media accounts by username across social networks
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Test your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command ...
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
A collection of hacking tools, resources and references to practice ethical hacking.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
My ESP32-Deauther ported to the RTL8720dn, allowing users to deauthenticate on 5GHz now!
A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.
🧑🏻💻 Professional bspwm desktop environment for kali linux for hacking, of all kinds, with custom shortcuts, scripts, s4vitar configurations, among other things.
Kali-ios brings the power and versatility of Kali Linux right at your fingertips. It allows users to access Kali in text mode through a terminal emulator from their iOS devices and to leverage the com...
Kerberos Attacks From Networks or Domain controller log Perspective. 𝗖𝗿𝗮𝗰𝗞𝗲𝗿𝗕𝗹𝗶𝘁𝘇 Involves the use of <rc4_hmac> in Kerberos exchanges.
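🧿 AutorizePro is a powerful Burp plugin for detecting broken access control. By adding AI-assisted analysis and further optimizing the detection logic, it greatly reduces the false-positive rate and improves the efficiency of detecting authorization-bypass vulnerabilities. [ AutorizePro is an authorization enforcement detection extension for Burp Suite. By adding AI-assisted analysis, it si...
This project uses a large language model together with a crawler to search GitHub for all projects that contain valuable vulnerability information, vulnerability PoCs, or rule information. It automatically identifies each project's directory structure and README, then summarizes, analyzes, and categorizes them. The collected projects can help security practitioners gather vulnerability information, PoC information, rules, and more.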
This is a website penetration testing tool for testing webdav server vulnerabilities.
Evil portal app for the flipper zero + WiFi dev board, Works on OFW, better on RM!
List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
ThreatTracer - A python Script to identify CVE by name & version by @FR13ND0x7F
Hunt down social media accounts by username across social networks
Test your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command ...
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
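🧿 AutorizePro is a powerful Burp plugin for detecting broken access control. By adding AI-assisted analysis and further optimizing the detection logic, it greatly reduces the false-positive rate and improves the efficiency of detecting authorization-bypass vulnerabilities. [ AutorizePro is an authorization enforcement detection extension for Burp Suite. By adding AI-assisted analysis, it si...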
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
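🧿 AutorizePro is a powerful Burp plugin for detecting broken access control. By adding AI-assisted analysis and further optimizing the detection logic, it greatly reduces the false-positive rate and improves the efficiency of detecting authorization-bypass vulnerabilities. [ AutorizePro is an authorization enforcement detection extension for Burp Suite. By adding AI-assisted analysis, it si...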
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
My ESP32-Deauther ported to the RTL8720dn, allowing users to deauthenticate on 5GHz now!
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
Git Exposed leverages the unintended exposure of .git directories to clone and reconstruct complete projects, providing a clear window into potential vulnerabilities.
Pentesting and Bug Bounty Notes, Cheatsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
RedTiger-Tools is a free multi-tool with many features in the areas of Cybersecurity, Pentesting, OSINT, Network Scanning, Discord and Hacking.
Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...
Advanced phishing tool | Automated Self-Hosting | SSH tunneling | 32+ Templates | Remastered version of xHak9x
🧑🏻💻 Professional bspwm desktop environment for kali linux for hacking, of all kinds, with custom shortcuts, scripts, s4vitar configurations, among other things.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
A detailed plan to achieve proficiency in hacking and penetration testing, with pathways including obtaining a degree in cybersecurity or earning relevant certifications.
RedTiger-Tools is a free multi-tool with many features in the areas of Cybersecurity, Pentesting, OSINT, Network Scanning, Discord and Hacking.
CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH
Collection of cheat sheets useful for pentesting
BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...
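🧿 AutorizePro is a powerful Burp plugin for detecting broken access control. By adding AI-assisted analysis and further optimizing the detection logic, it greatly reduces the false-positive rate and improves the efficiency of detecting authorization-bypass vulnerabilities. [ AutorizePro is an authorization enforcement detection extension for Burp Suite. By adding AI-assisted analysis, it si...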
Official Kali Linux tool to check all urls of a domain for SQL injections :)
This Repo serves as a collection of shared security and penetration testing resources for the cloud.
Kali-ios brings the power and versatility of Kali Linux right at your fingertips. It allows users to access Kali in text mode through a terminal emulator from their iOS devices and to leverage the com...
Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.
Athena OS Nix configuration files focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!
An auto-updating list of shodan dorks with info on the amount of results they return!
Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, ...
Hunt down social media accounts by username across social networks
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Test your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command ...
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
A collection of hacking tools, resources and references to practice ethical hacking.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...
CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH
Pentesting and Bug Bounty Notes, Cheatsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
🧑🏻💻 Professional bspwm desktop environment for kali linux for hacking, of all kinds, with custom shortcuts, scripts, s4vitar configurations, among other things.
Helping Ethical Hackers use LLMs in 50 Lines of Code or less..
The perfect butler for pentesters, bug-bounty hunters and security researchers
This repository contains a list of roadmaps I created with my suggestions on LinkedIn and Twitter.🤞🏻😌
This repo offers notes and resources on ethical hacking, covering information gathering, scanning, web hacking, exploitation, and Windows/Linux hacking.
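🧿 AutorizePro is a powerful Burp plugin for detecting broken access control. By adding AI-assisted analysis and further optimizing the detection logic, it greatly reduces the false-positive rate and improves the efficiency of detecting authorization-bypass vulnerabilities. [ AutorizePro is an authorization enforcement detection extension for Burp Suite. By adding AI-assisted analysis, it si...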
Pen Test Report Generation and Assessment Collaboration
A fast and comprehensive tool for organizational network scanning
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Delve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skil...
This Repo serves as a collection of shared security and penetration testing resources for the cloud.
SecretScraper is a web scraper that crawls through target websites, scrapes HTTP responses, and extracts secret information via regular expressions.