Lists (1)
Sort Name ascending (A-Z)
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
E-mails, subdomains and names Harvester - OSINT
Incredibly fast crawler designed for OSINT.
Fast subdomains enumeration tool for penetration testers
an awesome list of honeypot resources
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
Open source software that helps you create and deploy high-frequency crypto trading bots
A library that allows you to easily mock out tests based on AWS infrastructure.
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
Emulator for rapid prototyping of Software Defined Networks
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Automated All-in-One OS Command Injection Exploitation Tool.
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS 🎭
A python script that finds endpoints in JavaScript files