dnnnn's Stars
bigsen/Theos-Script
Theos Script
ym2011/PenetrationTestingScripts
Here is some simple and useful scripts for penetration.
m4n3dw0lf/pythem
pentest framework
jaywcjlove/awesome-mac
Now we have become very big, Different from the original idea. Collect premium software in various categories.
riswandans/litesploit
library and intepreter for penetration testing tools
faizann24/XssPy
XssPy - Web Application XSS Scanner
shadowsocks/shadowsocks-android
A shadowsocks client for Android
jgm/pandoc
Universal markup converter
sensepost/reDuh
Create a TCP circuit through validly formed HTTP requests
derv82/wifite
michenriksen/gitrob
Reconnaissance tool for GitHub organizations
galkan/crowbar
Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
ElevenPaths/EvilFOCA
Tool to analyze and test security in IPv4 and IPv6 data networks
madeye/proxydroid
Global Proxy for Android
OneSourceCat/sqli-proxy
sybrenstuvel/python-rsa
Python-RSA is a pure-Python RSA implementation.
hashcat/hashcat
World's fastest and most advanced password recovery utility
iSECPartners/Introspy-Analyzer
iSECPartners/Introspy-iOS
Security profiling for blackbox iOS
iSECPartners/ios-ssl-kill-switch
Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps
strazzere/android-unpacker
Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
Veil-Framework/Veil-Evasion
Veil Evasion is no longer supported, use Veil 3.0!
T3rry7f/BadTunnel_exp
Usage: python badtunnel.py wpad_server_ip
owasp-modsecurity/ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
infobyte/evilgrade
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
khalilbijjou/WAFNinja
WAFNinja is a tool which contains two functions to attack Web Application Firewalls.
iSECPartners/android-ssl-bypass
Black box tool to bypass SSL verification on Android, even when pinning is used.
jduck/addjsif
Metasploit Exploit Module for the Android addJavascriptInterface Issue (MITM)
hexojs/hexo
A fast, simple & powerful blog framework, powered by Node.js.