Surveillance des outils GitHub Star

Sommaire

hacking-tools
pentest-scripts
security-tools
pentest-tool
blueteam
redteam
pentesting-tools
osint-framework
redteam-tools
web-security
osint-tool
reverse-shell
metasploit
payloads
ethical-hacking-tools

hacking-tools

Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
https://github.com/edoardottt/awesome-hacker-search-engines
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

yakit
Cyber Security ALL-IN-ONE Platform
https://github.com/yaklang/yakit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-web-hacking
A list of web application security
https://github.com/infoslack/awesome-web-hacking
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
https://github.com/LasCC/Hack-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

WhatWeb
Next generation web scanner
https://github.com/urbanadventurer/WhatWeb
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

xxh
🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
https://github.com/xxh/xxh
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

stegcloak
Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐
https://github.com/KuroLabs/stegcloak
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-hacking
Awesome hacking is an awesome collection of hacking tools.
https://github.com/jekil/awesome-hacking
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
https://github.com/vaib25vicky/awesome-mobile-security
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
https://github.com/OWASP/Nettacker
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

usbrubberducky-payloads
The Official USB Rubber Ducky Payload Repository
https://github.com/hak5/usbrubberducky-payloads
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

SocialBox-Termux
SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By samsesh for termux on android
https://github.com/samsesh/SocialBox-Termux
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
https://github.com/EntySec/Ghost
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-termux-hacking
⚡️An awesome list of the best Termux hacking tools
https://github.com/may215/awesome-termux-hacking
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

tools
Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
https://github.com/nullsecuritynet/tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

blackhat-python3
Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.
https://github.com/EONRaider/blackhat-python3
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

PyPhisher
Easy to use phishing tool with 77 website templates. Author is not responsible for any misuse.
https://github.com/KasRoudra/PyPhisher
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

pentest-scripts

Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

PhoneSploit-Pro
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
https://github.com/AzeemIdrisi/PhoneSploit-Pro
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

EggShell
iOS/macOS/Linux Remote Administration Tool
https://github.com/lucasjacks0n/EggShell
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Lockdoor-Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
https://github.com/SofianeHamlaoui/Lockdoor-Framework
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
https://github.com/ForbiddenProgrammer/conti-pentester-guide-leak
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CrossLinked
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
https://github.com/m8sec/CrossLinked
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-hacking-lists
平常看到好的渗透hacking工具和多领域效率工具的集合
https://github.com/taielab/awesome-hacking-lists
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

JustTryHarder
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
https://github.com/sinfulz/JustTryHarder
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

yasuo
A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
https://github.com/0xsauby/yasuo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Citadel
Collection of pentesting scripts
https://github.com/redcode-labs/Citadel
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

hackerEnv

https://github.com/abdulr7mann/hackerEnv
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

kaboom
A tool to automate penetration tests
https://github.com/Leviathan36/kaboom
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

dotdotslash
Search for Directory Traversal Vulnerabilities
https://github.com/jcesarstef/dotdotslash
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

POC-S
POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞，对功能进行强化以及脚本进行分类添加，自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC
https://github.com/jiangsir404/POC-S
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

getaltname
Extract subdomains from SSL certificates in HTTPS sites.
https://github.com/franccesco/getaltname
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Offensive-OSINT-Tools
OffSec OSINT Pentest/RedTeam Tools
https://github.com/wddadk/Offensive-OSINT-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CVE-2021-22205
GitLab CE/EE Preauth RCE using ExifTool
https://github.com/inspiringz/CVE-2021-22205
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

wifi-pentesting-guide
WiFi Penetration Testing Guide
https://github.com/ricardojoserf/wifi-pentesting-guide
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

pentest
some pentest scripts & tools by yaseng@uauc.net
https://github.com/yaseng/pentest
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

webstor
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
https://github.com/RossGeerlings/webstor
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

security-tools

x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
https://github.com/x64dbg/x64dbg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
https://github.com/aquasecurity/trivy
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

gitleaks
Protect and discover secrets using Gitleaks 🔑
https://github.com/gitleaks/gitleaks
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2022
https://github.com/Lissy93/personal-security-checklist
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

trufflehog
Find and verify credentials
https://github.com/trufflesecurity/trufflehog
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
https://github.com/CISOfy/lynis
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RustScan
🤖 The Modern Port Scanner 🤖
https://github.com/RustScan/RustScan
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
https://github.com/qeeqbox/social-analyzer
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
https://github.com/future-architect/vuls
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
https://github.com/smicallef/spiderfoot
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

scapy
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
https://github.com/secdev/scapy
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

fail2ban
Daemon to ban hosts that cause multiple authentication errors
https://github.com/fail2ban/fail2ban
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
https://github.com/toniblyx/my-arsenal-of-aws-security-tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
https://github.com/prowler-cloud/prowler
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

gosec
Golang security checker
https://github.com/securego/gosec
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
https://github.com/presidentbeef/brakeman
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

monkey
Infection Monkey - An open-source adversary emulation platform
https://github.com/guardicore/monkey
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
https://github.com/wazuh/wazuh
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

traitor
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
https://github.com/liamg/traitor
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

pentest-tool

dirsearch
Web path scanner
https://github.com/maurosoria/dirsearch
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
https://github.com/moonD4rk/HackBrowserData
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

thc-hydra
hydra
https://github.com/vanhauser-thc/thc-hydra
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OneForAll
OneForAll是一款功能强大的子域收集工具
https://github.com/shmilylty/OneForAll
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
https://github.com/projectdiscovery/httpx
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
https://github.com/LasCC/Hack-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

osmedeus
A Workflow Engine for Offensive Security
https://github.com/j3ssie/osmedeus
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

1earn
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
https://github.com/ffffffff0x/1earn
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
https://github.com/six2dez/reconftw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。
https://github.com/TophantTechnology/ARL
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

lscript
The LAZY script will make your life easier, and of course faster.
https://github.com/arismelachroinos/lscript
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
https://github.com/hktalent/scan4all
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
https://github.com/zhzyker/vulmap
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

kb
A minimalist command line knowledge base manager
https://github.com/gnebbia/kb
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

WinPwn
Automation for internal Windows Penetrationtest / AD-Security
https://github.com/S3cur3Th1sSh1t/WinPwn
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
https://github.com/evyatarmeged/Raccoon
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

dirmap
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。
https://github.com/H4ckForJob/dirmap
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
https://github.com/Mr-xn/BurpSuite-collections
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

blueteam

theHarvester
E-mails, subdomains and names Harvester - OSINT
https://github.com/laramies/theHarvester
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
https://github.com/GTFOBins/GTFOBins.github.io
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
https://github.com/LOLBAS-Project/LOLBAS
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

yakit
Cyber Security ALL-IN-ONE Platform
https://github.com/yaklang/yakit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
https://github.com/rmusser01/Infosec_Reference
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
https://github.com/decalage2/awesome-security-hardening
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
https://github.com/ihebski/DefaultCreds-cheat-sheet
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
https://github.com/madhuakula/kubernetes-goat
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
https://github.com/JPCERTCC/LogonTracer
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

the_cyber_plumbers_handbook
Free copy of The Cyber Plumber's Handbook
https://github.com/opsdisk/the_cyber_plumbers_handbook
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
https://github.com/activecm/rita
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
https://github.com/WithSecureLabs/chainsaw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

snoop
Snoop — инструмент разведки на основе открытых данных (OSINT world)
https://github.com/snooppr/snoop
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

windows_hardening
HardeningKitty and Windows Hardening settings and configurations
https://github.com/0x6d69636b/windows_hardening
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

UltimateAppLockerByPassList
The goal of this repository is to document the most common techniques to bypass AppLocker.
https://github.com/api0cradle/UltimateAppLockerByPassList
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
https://github.com/A-poc/BlueTeam-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具
https://github.com/Mr-xn/RedTeam_BlueTeam_HW
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
https://github.com/api0cradle/LOLBAS
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
https://github.com/Purp1eW0lf/Blue-Team-Notes
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

redteam

PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
https://github.com/swisskyrepo/PayloadsAllTheThings
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

sherlock
🔎 Hunt down social media accounts by username across social networks
https://github.com/sherlock-project/sherlock
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
https://github.com/bettercap/bettercap
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

dirsearch
Web path scanner
https://github.com/maurosoria/dirsearch
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

theHarvester
E-mails, subdomains and names Harvester - OSINT
https://github.com/laramies/theHarvester
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
https://github.com/samratashok/nishang
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Awesome-Red-Teaming
List of Awesome Red Teaming Resources
https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
https://github.com/LOLBAS-Project/LOLBAS
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

yakit
Cyber Security ALL-IN-ONE Platform
https://github.com/yaklang/yakit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
https://github.com/A-poc/RedTeam-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Awesome-CobaltStrike
CobaltStrike的相关资源汇总 / List of Awesome CobaltStrike Resources
https://github.com/zer0yu/Awesome-CobaltStrike
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
https://github.com/mantvydasb/RedTeaming-Tactics-and-Techniques
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Viper
Redteam operation platform with webui 图形化红队行动辅助平台
https://github.com/FunnyWolf/Viper
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
https://github.com/t3l3machus/Villain
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

kscan
Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。
https://github.com/lcvvvv/kscan
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

WinPwn
Automation for internal Windows Penetrationtest / AD-Security
https://github.com/S3cur3Th1sSh1t/WinPwn
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

pentesting-tools

Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
https://github.com/We5ter/Scanners-Box
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

WhatWeb
Next generation web scanner
https://github.com/urbanadventurer/WhatWeb
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

hoaxshell
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
https://github.com/t3l3machus/hoaxshell
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
https://github.com/jonaslejon/malicious-pdf
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

FinalRecon
The Last Web Recon Tool You'll Need
https://github.com/thewhiteh4t/FinalRecon
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
https://github.com/harsh-bothra/learn365
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Platypus
🔨 A modern multiple reverse shell sessions manager written in go
https://github.com/WangYihang/Platypus
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

toxssin
An XSS exploitation command-line interface and payload generator.
https://github.com/t3l3machus/toxssin
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

eyeballer
Convolutional neural network for analyzing pentest screenshots
https://github.com/BishopFox/eyeballer
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

SocialPwned
SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed and obtain Google account information via GHunt.
https://github.com/MrTuxx/SocialPwned
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

APTRS
Automated Penetration Testing Reporting System
https://github.com/Anof-cyber/APTRS
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

offensive-docker
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
https://github.com/aaaguirrep/offensive-docker
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Packet-Sniffer
A Network Packet Sniffing tool developed in Python 3.
https://github.com/EONRaider/Packet-Sniffer
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

frida-ios-hook
A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
https://github.com/noobpk/frida-ios-hook
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

osint-framework

Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OSINT-Framework
OSINT Framework
https://github.com/lockfale/OSINT-Framework
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

bbot
OSINT automation for hackers.
https://github.com/blacklanternsecurity/bbot
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

sn0int
Semi-automatic OSINT framework and package manager
https://github.com/kpcyrd/sn0int
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

octosuite
Advanced Github OSINT Framework
https://github.com/bellingcat/octosuite
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

harpoon
CLI tool for open source and threat intelligence
https://github.com/Te-k/harpoon
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Mr.Holmes
🔍 A Complete Osint Tool
https://github.com/Lucksi/Mr.Holmes
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

osint-tools
OSINT open-source tools catalog
https://github.com/HowToFind-bot/osint-tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OSINT-SAN
OSINT-SAN Framework дает возможность быстро находить информацию и деанонимизировать пользователей сети интернет.
https://github.com/Bafomet666/OSINT-SAN
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DarkScrape
OSINT Tool For Scraping Dark Websites
https://github.com/itsmehacker/DarkScrape
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

TwitWork
Monitor twitter stream from nodejs electron
https://github.com/atmoner/TwitWork
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

querytool
Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
https://github.com/oryon-osint/querytool
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DFW1N-OSINT
Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
https://github.com/DFW1N/DFW1N-OSINT
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

GhostRecon
An OSINT framework updated weekly, wich with you can search on precise targets, with a lot of features like person search, criminal search, or social media scanning with eamail/phone, and ip changer
https://github.com/KawaCoder/GhostRecon
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

H.I.V.E
H.I.V.E is an automated OSINT (Open Source Intelligence) multi-tool that enables efficient data gathering from various sources through the utilization of a single, unified platform.
https://github.com/Shad0w-ops/H.I.V.E
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Maltego
Maltego compilation of various assets, local transforms and helpful scripts
https://github.com/M0m0SMS-OSINT/Maltego
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

osintBOX
Script to modify a Parrot OS distro with the most popular OSINT tools
https://github.com/Dimaslg/osintBOX
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OSINTBookmarks
OSINT Bookmarks for Firefox / Chrome / Edge / Safari
https://github.com/5nacks/OSINTBookmarks
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Probe_spider
Probe_Spider is a Open Source Intelligence Tool made complete out of Python.
https://github.com/Aravindha1234u/Probe_spider
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

redteam-tools

yakit
Cyber Security ALL-IN-ONE Platform
https://github.com/yaklang/yakit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

dismap
Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点
https://github.com/zhzyker/dismap
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

goblin
一款适用于红蓝对抗中的仿真钓鱼系统
https://github.com/xiecat/goblin
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
https://github.com/mufeedvh/moonwalk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

mortar
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
https://github.com/0xsp-SRD/mortar
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
https://github.com/cyberark/kubesploit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

skanuvaty
Dangerously fast DNS/network/port scanner
https://github.com/Esc4iCEscEsc/skanuvaty
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

About-Attack
一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集，降低红队技术门槛的手册【持续更新】
https://github.com/lintstar/About-Attack
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Pyramid
a tool to help operate in EDRs' blind spots
https://github.com/naksyn/Pyramid
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RedTeam_toolkit
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
https://github.com/signorrayan/RedTeam_toolkit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

PowerShellArmoury
A PowerShell armoury for security guys and girls
https://github.com/cfalta/PowerShellArmoury
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ImpulsiveDLLHijack
C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
https://github.com/knight0x07/ImpulsiveDLLHijack
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

PipeViewer
A tool that shows detailed information about named pipes in Windows
https://github.com/cyberark/PipeViewer
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Dome
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
https://github.com/v4d1/Dome
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

frostbyte
FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
https://github.com/pwn1sher/frostbyte
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

eviltree
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
https://github.com/t3l3machus/eviltree
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

PetitPotato
Local privilege escalation via PetitPotam (Abusing impersonate privileges).
https://github.com/wh0amitz/PetitPotato
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

web-security

Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
https://github.com/MobSF/Mobile-Security-Framework-MobSF
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

hacker101
Source code for Hacker101.com - a free online web and mobile security class.
https://github.com/Hacker0x01/hacker101
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-web-hacking
A list of web application security
https://github.com/infoslack/awesome-web-hacking
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

bunkerweb
🛡️ Make your web services secure by default !
https://github.com/bunkerity/bunkerweb
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-bugbounty-tools
A curated list of various bug bounty tools
https://github.com/vavkamil/awesome-bugbounty-tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

awesome-nodejs-security
Awesome Node.js Security resources
https://github.com/lirantal/awesome-nodejs-security
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackVault
A container repository for my public web hacks!
https://github.com/0xSobky/HackVault
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DDoS-Ripper
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
https://github.com/palahsu/DDoS-Ripper
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

safeline
长亭科技自研，基于业界领先的语义引擎检测技术，打造的简洁、易用的免费 WAF
https://github.com/chaitin/safeline
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
https://github.com/lunasec-io/lunasec
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

GitHacker
🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches, common tags.
https://github.com/WangYihang/GitHacker
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

requests-ip-rotator
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
https://github.com/Ge0rg3/requests-ip-rotator
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

super-xray
Web漏洞扫描工具XRAY的GUI启动器
https://github.com/4ra1n/super-xray
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

FavFreak
Making Favicon.ico based Recon Great again !
https://github.com/devanshbatham/FavFreak
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CORScanner
🎯 Fast CORS misconfiguration vulnerabilities scanner
https://github.com/chenjj/CORScanner
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

cherrybomb
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
https://github.com/blst-security/cherrybomb
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Offensive-Resources
A Huge Learning Resources with Labs For Offensive Security Players
https://github.com/Zeyad-Azima/Offensive-Resources
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

openftp4
A list of all FTP servers in IPv4 that allow anonymous logins.
https://github.com/turbo/openftp4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

articles-translator
📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
https://github.com/madneal/articles-translator
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

osint-tool

Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

mosint
An automated e-mail OSINT tool
https://github.com/alpkeskin/mosint
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

bbot
OSINT automation for hackers.
https://github.com/blacklanternsecurity/bbot
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

octosuite
Advanced Github OSINT Framework
https://github.com/bellingcat/octosuite
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Moriarty-Project
This tool gives information about the phone number that you entered.
https://github.com/AzizKpln/Moriarty-Project
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Mr.Holmes
🔍 A Complete Osint Tool
https://github.com/Lucksi/Mr.Holmes
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

inventory
Asset inventory of over 800 public bug bounty programs.
https://github.com/trickest/inventory
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

skanuvaty
Dangerously fast DNS/network/port scanner
https://github.com/Esc4iCEscEsc/skanuvaty
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

URS
Universal Reddit Scraper - A comprehensive Reddit scraping command-line tool.
https://github.com/JosephLai241/URS
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

SonarSearch
A rapid API for the Project Sonar dataset
https://github.com/Cgboal/SonarSearch
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CloudPeler
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
https://github.com/zidansec/CloudPeler
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

osint-tools
OSINT open-source tools catalog
https://github.com/HowToFind-bot/osint-tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

non-typical-OSINT-guide
The most unusual OSINT guide you've ever seen. The repository is intended for bored professionals only. PRs are welcome!
https://github.com/OffcierCia/non-typical-OSINT-guide
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

SpiderSuite
Advance web spider/crawler for cyber security professionals
https://github.com/3nock/SpiderSuite
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

mailcat
Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
https://github.com/sharsil/mailcat
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

infoooze
A OSINT tool which helps you to quickly find information effectively. All you need is to input and it will take take care of rest.
https://github.com/devXprite/infoooze
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OSINT-FORENSICS-MOBILE
Tools OSINT MOBILE
https://github.com/CScorza/OSINT-FORENSICS-MOBILE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

reverse-shell

pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
https://github.com/n1nj4sec/pupy
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
https://github.com/LasCC/Hack-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Stitch
Python Remote Administration Tool (RAT)
https://github.com/nathanlopez/Stitch
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
https://github.com/joaomatosf/jexboss
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

EvilOSX
An evil RAT (Remote Administration Tool) for macOS / OS X.
https://github.com/Marten4n6/EvilOSX
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

AndroRAT
A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side
https://github.com/karma9874/AndroRAT
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

reverse-shell
Reverse Shell as a Service
https://github.com/lukechilds/reverse-shell
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
https://github.com/cytopia/pwncat
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking-With-Golang
Golang安全资源合集
https://github.com/AV1080p/Hacking-With-Golang
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

EggShell
iOS/macOS/Linux Remote Administration Tool
https://github.com/lucasjacks0n/EggShell
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Platypus
🔨 A modern multiple reverse shell sessions manager written in go
https://github.com/WangYihang/Platypus
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Chimera
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
https://github.com/tokyoneon/Chimera
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

chashell
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
https://github.com/sysdream/chashell
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ToRat
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
https://github.com/lu4p/ToRat
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

WPForce
Wordpress Attack Suite
https://github.com/n00py/WPForce
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
https://github.com/Fahrj/reverse-ssh
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HERCULES
HERCULES is a special payload generator that can bypass antivirus softwares.
https://github.com/EgeBalci/HERCULES
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

liffy
Local file inclusion exploitation tool
https://github.com/mzfr/liffy
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

metasploit

awesome-web-hacking
A list of web application security
https://github.com/infoslack/awesome-web-hacking
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

AutoSploit
Automated Mass Exploiter
https://github.com/NullArray/AutoSploit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
https://github.com/LasCC/Hack-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
https://github.com/leebaird/discover
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

backdoor-apk
backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
https://github.com/dana-at-cp/backdoor-apk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

One-Lin3r
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
https://github.com/D4Vinci/One-Lin3r
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

venom
venom - C2 shellcode generator/compiler/handler
https://github.com/r00t-3xp10it/venom
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

EggShell
iOS/macOS/Linux Remote Administration Tool
https://github.com/lucasjacks0n/EggShell
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

EasY_HaCk
Hack the World using Termux
https://github.com/sabri-zaki/EasY_HaCk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Winpayloads
Undetectable Windows Payload Generation
https://github.com/nccgroup/Winpayloads
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Findsploit
Find exploits in local and online databases instantly
https://github.com/1N3/Findsploit
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
https://github.com/v3n0m-Scanner/V3n0M-Scanner
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
https://github.com/ihebski/A-Red-Teamer-diaries
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

metasploit_in_termux
Install Metasploit Framework 6 in Termux
https://github.com/gushmazuko/metasploit_in_termux
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Redcloud
Automated Red Team Infrastructure deployement using Docker
https://github.com/khast3x/Redcloud
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

msfpc
MSFvenom Payload Creator (MSFPC)
https://github.com/g0tmi1k/msfpc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Kage
Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler
https://github.com/Zerx0r/Kage
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Ethical-Hacking-Tools
Complete Listing and Usage of Tools used for Ethical Hacking
https://github.com/hhhrrrttt222111/Ethical-Hacking-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Cooolis-ms
Cooolis-ms是一个包含了Metasploit Payload Loader、Cobalt Strike External C2 Loader、Reflective DLL injection的代码执行工具，它的定位在于能够在静态查杀上规避一些我们将要执行且含有特征的代码，帮助红队人员更方便快捷的从Web容器环境切换到C2环境进一步进行工作。
https://github.com/Rvn0xsy/Cooolis-ms
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

payloads

bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
https://github.com/EdOverflow/bugbounty-cheatsheet
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
https://github.com/LasCC/Hack-Tools
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
https://github.com/payloadbox/xss-payload-list
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
https://github.com/daffainfo/AllAboutBugBounty
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

sql-injection-payload-list
🎯 SQL Injection Payload List
https://github.com/payloadbox/sql-injection-payload-list
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
https://github.com/1N3/IntruderPayloads
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

payloads
Git All the Payloads! A collection of web attack payloads.
https://github.com/foospidy/payloads
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

usbrubberducky-payloads
The Official USB Rubber Ducky Payload Repository
https://github.com/hak5/usbrubberducky-payloads
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackVault
A container repository for my public web hacks!
https://github.com/0xSobky/HackVault
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

pwndrop
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
https://github.com/kgretzky/pwndrop
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
https://github.com/terjanq/Tiny-XSS-Payloads
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
https://github.com/insightglacier/Dictionary-Of-Pentesting
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
https://github.com/nettitude/PoshC2
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Winpayloads
Undetectable Windows Payload Generation
https://github.com/nccgroup/Winpayloads
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
https://github.com/whwlsfb/BurpCrypto
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

pixload
Image Payload Creating/Injecting tools
https://github.com/sighook/pixload
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

xxe-injection-payload-list
🎯 XML External Entity (XXE) Injection Payload List
https://github.com/payloadbox/xxe-injection-payload-list
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
https://github.com/mvelazc0/defcon27_csharp_workshop
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ethical-hacking-tools

FluxER
FluxER - The bash script which installs and runs the Fluxion tool inside Termux. The wireless security auditing tool used to perform attacks such as WPA/WPA2 cracking and MITM attacks.
https://github.com/0n1cOn3/FluxER
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

JPGtoMalware
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web appli…
https://github.com/abdulkadir-gungor/JPGtoMalware
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

xurlfind3r
A CLI utility to find domain's known URLs from AlienVault's Open Threat Exchange, Common Crawl, Github, Intelligence X, URLScan, and the Wayback Machine.
https://github.com/hueristiq/xurlfind3r
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Luna-Grabber
The best discord token grabber made in python
https://github.com/Smug246/Luna-Grabber
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Jasmin-Ransomware
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
https://github.com/codesiddhant/Jasmin-Ransomware
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

argus
Argus Advanced Remote & Local Keylogger For macOS and Windows
https://github.com/ALDON94/argus
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Webspoilt
This script will you help to find the information about the website and to help in penetrating testing
https://github.com/Deadshot0x7/Webspoilt
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HtmlSmuggling
HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and Ja…
https://github.com/abdulkadir-gungor/HtmlSmuggling
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

dark_web.py
Dark Web Informationgathering Footprinting Scanner and Recon Tool Release. Dark Web is an Information Gathering Tool I made in python 3. To run Dark Web, it only needs a domain or ip. Dark Web can work with any Linux distros if they support Python 3. Author: AKASHBLACKHAT(help for ethical hackers)
https://github.com/akashblackhat/dark_web.py
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

safe-harbour
security.txt collection of most popular world-wide domains
https://github.com/trickest/safe-harbour
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Beginners-Guide-to-Ethical-Hacking
For beginners which zero knowledge on ethical hacking!
https://github.com/CSI-SFIT/Beginners-Guide-to-Ethical-Hacking
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Elliot
A pentesting tool inspired by mr robot and derived by zphisher
https://github.com/krishnakatyal/Elliot
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack-Utils
Script to facilitate different functions and checks
https://github.com/b4shnhawx/Hack-Utils
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

PassMute
PassMute - A multi featured Password Transmutation/Mutator Tool
https://github.com/HITH-Hackerinthehouse/PassMute
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

SQL-Injection
SQL Injection / SQL инъекциа - Hacking and bypass
https://github.com/KhetaguriDimitri/SQL-Injection
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

petep
PETEP (PEnetration TEsting Proxy) is open-source Java application for network communication proxying for the purpose of penetration testing. It allows penetration testers to setup proxies and interceptors to manage the traffic transmitted between client and server.
https://github.com/Warxim/petep
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

headmail
A tool designed to analyse email headers
https://github.com/umair9747/headmail
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

setup_hack_env
This is a versatile collection of scripts designed for OSINT, ethical hacking, and web application security testing. With a focus on automation and efficiency, these tools are ideal for streamlining your daily tasks. The scripts include TP-LINK-722N wifi drivers and are sourced from the Ethical-Hacking-Tools GitHub repository.
https://github.com/karthik558/setup_hack_env
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ethical-hacking-tools-python
Python programs & tools built in the Ethical Hacking with Python EBook
https://github.com/x4nth055/ethical-hacking-tools-python
Partager : LinkedIn / Twitter / Facebook / View / View (lite)