evaco222's Stars
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
OlivierLaflamme/Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Ullaakut/cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
bluscreenofjeff/Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
v1s1t0r1sh3r3/airgeddon
This is a multi-use bash script for Linux systems to audit wireless networks.
infobyte/faraday
Open Source Vulnerability Management Platform
ysrc/xunfeng
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
rmusser01/Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
juice-shop/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
1N3/Sn1per
Attack Surface Management Platform
vanhauser-thc/thc-hydra
hydra
maurosoria/dirsearch
Web path scanner
blaCCkHatHacEEkr/PENTESTING-BIBLE
articles
sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
OWASP/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
stevemcilwain/quiver
Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
rajkumardusad/IP-Tracer
Track any ip address with IP-Tracer. IP-Tracer is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracer.
EntySec/Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
sectool/redteam-hardware-toolkit
🔺 Red Team Hardware Toolkit 🔺
TebbaaX/Katana
Python Tool that gives you the ability to run Advanced Google Queries (Known as Google Dorks - Google Dorking)
Viralmaniar/Remote-Desktop-Caching-
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
pwnfoo/NTLMRecon
Enumerate information from NTLM authentication enabled web endpoints 🔎
abdulr7mann/hackerEnv