Red team comprehensive penetration testing framework
PowerShell by clymb3r
Useful PowerShell scripts
PowerShell | 1072 | Updated: 2 y ago | License: No License (No License)

PentesterSpecialDict by ppbibo
A streamlined dictionary built specifically for penetration testers. Dictionary for penetration testers happy hacker
Python | 1064 | Updated: 2 y ago | License: No License (No License)

DongTai by HXSecurity
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
Python | 1064 | Updated: 2 y ago | License: Permissive (Apache-2.0)

red-team-scripts by threatexpress
A collection of Red Team focused tools, scripts, and notes
PowerShell | 1061 | Updated: 2 y ago | License: Permissive (BSD-3-Clause)

Certify by GhostPack
Active Directory certificate abuse.
C# | 1060 | Updated: 2 y ago | License: Proprietary (Proprietary)

VHostScan by codingo
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Python | 1039 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

Anubis by jonluca
Subdomain enumeration and information gathering tool
Python | 1028 | Updated: 2 y ago | License: Permissive (MIT)

Dracnmap by screetsec
Dracnmap is an open source program which is used to exploit the network and gather information with the help of nmap. The nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scanning by utilizing the script engine of nmap, and nmap can perform various automatic scanning techniques with the advanced commands.
Shell | 1027 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

BurpCrypto by whwlsfb
BurpCrypto is a collection of burpsuite encryption plug-ins, supporting AES/RSA/DES/ExecJs (execute JS encryption code in burpsuite). A BurpSuite plugin for brute-forcing front-end encryption that supports multiple encryption algorithms or direct execution of JS code.
Java | 1023 | Updated: 2 y ago | License: Permissive (MIT)

PSAttack by jaredhaight
A portable console aimed at making pentesting with PowerShell a little easier.
C# | 1023 | Updated: 4 y ago | License: Permissive (MIT)

ADAPE-Script by hausec
Active Directory Assessment and Privilege Escalation Script
PowerShell | 1020 | Updated: 2 y ago | License: No License (No License)

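K8CScan by k8gege
K8Ladon is a large-scale intranet penetration scanner built around custom plugins, covering information gathering, network assets, vulnerability scanning, password brute-forcing and vulnerability exploitation. The program uses multithreading to batch-scan hosts across multiple IP ranges and C-class segments of large internal networks. Current plugins include: C-segment neighbouring-site scanning, subdomain scanning, FTP password brute-forcing, MySQL password brute-forcing, Oracle password brute-forcing, MSSQL password brute-forcing, Windows/Linux system password brute-forcing, live-host scanning, port scanning, web information probing, operating-system version detection, Cisco device scanning, and more. It supports calling any external program or script and supports integration with Cobalt Strike.
Python | 1012 | Updated: 2 y ago | License: Permissive (MIT)
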
Perun by WyAtu
Perun is a network asset vulnerability scanner/scanning framework aimed mainly at vendor-side security service staff, penetration testers, and client-side red team personnel.
Python | 1009 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

bbht by nahamsec
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
Shell | 1009 | Updated: 2 y ago | License: No License (No License)

android-vts by AndroidVTS
Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
Java | 1005 | Updated: 2 y ago | License: Proprietary (Proprietary)

crlfuzz by dwisiswant0
A fast tool to scan CRLF vulnerability written in Go
Go | 1002 | Updated: 2 y ago | License: Permissive (MIT)

doublepulsar-detection-script by WithSecureLabs
A python2 script for sweeping a network to find Windows systems compromised with the DOUBLEPULSAR implant.
Python | 1000 | Updated: 2 y ago | License: Permissive (BSD-3-Clause)

FastjsonExploit by c0ny1
A framework for quickly exploiting Fastjson vulnerabilities
Java | 993 | Updated: 2 y ago | License: No License (No License)

dumpall by 0xHJK
An information-leak exploitation tool for .git/.svn/.DS_Store leaks and directory listings
Python | 987 | Updated: 2 y ago | License: Permissive (MIT)

doublepulsar-detection-script by countercept
A python2 script for sweeping a network to find Windows systems compromised with the DOUBLEPULSAR implant.
Python | 985 | Updated: 4 y ago | License: Permissive (BSD-3-Clause)

emp3r0r by jm33-m0
Linux/Windows post-exploitation framework made by linux user
Go | 985 | Updated: 2 y ago | License: Permissive (MIT)

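Serein by W01fh4cker
[Lazy person's tool] A graphical tool that batch-collects URLs and runs various n-day checks against the collected URLs in bulk. It can be used for SRC hunting, CNVD hunting, 0-day exploitation, building your own arsenal, and similar scenarios. It can batch-exploit the Actively Exploited Atlassian Confluence 0Day CVE-2022-26134 and the DedeCMS v5.7.87 SQL injection CVE-2022-23337.
Python | 984 | Updated: 2 y ago | License: No License (No License)
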
w9scan by w-digital-scanner
Plug-in type web vulnerability scanner
Python | 979 | Updated: 4 y ago | License: Strong Copyleft (GPL-2.0)

mutillidae by webpwnized
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
PHP | 972 | Updated: 2 y ago | License: No License (No License)

RdpThief by 0x09AL
Extracting Clear Text Passwords from mstsc.exe using API Hooking.
C++ | 971 | Updated: 2 y ago | License: No License (No License)

wordpress-exploit-framework by rastating
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Ruby | 970 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

GodPotato by BeichenDream
C# | 967 | Updated: 2 y ago | License: Permissive (Apache-2.0)

peirates by inguardians
Peirates - Kubernetes Penetration Testing tool
Go | 960 | Updated: 2 y ago | License: Strong Copyleft (GPL-2.0)

Sudomy by Screetsec
Sudomy is a subdomain enumeration tool to collect subdomains and analyze domains, performing automated reconnaissance (recon) for bug hunting / pentesting
Shell | 948 | Updated: 4 y ago | License: Permissive (MIT)

passphrase-wordlist by initstring
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Python | 946 | Updated: 2 y ago | License: Permissive (MIT)

BabySploit by M4cs
BabySploit Beginner Pentesting Toolkit/Framework Written in Python
HTML | 946 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

dnscan by rbsec
Python | 943 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

Ghostwriter by GhostManager
The SpecterOps project management and reporting engine
Python | 942 | Updated: 2 y ago | License: Permissive (BSD-3-Clause)

whitewidow by WhitewidowScanner
SQL Vulnerability Scanner
Ruby | 931 | Updated: 4 y ago | License: No License (No License)

leviathan by utkusen
wide range mass audit toolkit
Python | 925 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

htshells by wireghoul
Self contained htaccess shells and attacks
Shell | 924 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

xsser by epsylon
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Python | 923 | Updated: 2 y ago | License: No License (No License)

BlackMamba by loseys
C2/post-exploitation framework
Python | 918 | Updated: 2 y ago | License: Permissive (MIT)

fsociety by fsociety-team
A Modular Penetration Testing Framework
Python | 912 | Updated: 2 y ago | License: Permissive (MIT)

BigBountyRecon by Viralmaniar
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
C# | 912 | Updated: 2 y ago | License: Permissive (MIT)

vFeed by toolswatch
The Correlated CVE Vulnerability And Threat Intelligence Database API
Python | 908 | Updated: 2 y ago | License: Proprietary (Proprietary)

Silver by s0md3v
Mass scan IPs for vulnerable services
Python | 907 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)

rogue-jndi by veracode-research
A malicious LDAP server for JNDI injection attacks
Java | 906 | Updated: 2 y ago | License: Permissive (MIT)

DumpsterFire by TryCatchHCF
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Python | 906 | Updated: 2 y ago | License: Permissive (MIT)

jok3r by koutto
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
HTML | 901 | Updated: 2 y ago | License: Proprietary (Proprietary)

diodb by disclose
Open-source vulnerability disclosure and bug bounty program database
Python | 897 | Updated: 2 y ago | License: Permissive (CC0-1.0)

sublert by yassineaboukir
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificates.
Python | 891 | Updated: 2 y ago | License: Permissive (MIT)

hakrevdns by hakluke
Small, fast tool for performing reverse DNS lookups en masse.
Go | 891 | Updated: 2 y ago | License: Permissive (MIT)

legion by GoVanguard
Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
Python | 884 | Updated: 2 y ago | License: Strong Copyleft (GPL-3.0)