hexcat

hexcat's Stars

• ashirt-ops/ashirt-server

  Adversary Simulators High-Fidelity Intelligence and Reporting Toolkit

  Language:Go15116

• d0ge/sign-saboteur

  SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens

  Language:Java1358

• nccgroup/ScoutSuite

  Multi-Cloud Security Auditing Tool

  Language:Python6.6k1k

• Stratus-Security/Subdominator

  The Internets #1 Subdomain Takeover Tool

  Language:C#20916

• kkrypt0nn/wordlists

  📜 A collection of wordlists for many different usages

  1.1k227

• BC-SECURITY/Moriarty

  Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.

  Language:C#46854

• Mazars-Tech/AD_Miner

  AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

  Language:JavaScript1.1k110

• D00Movenok/BounceBack

  ↕️🤫 Stealth redirector for your red team operation security

  Language:Go61267

• hoodoer/JS-Tap

  JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.

  Language:JavaScript32733

• byt3bl33d3r/OffensiveDLR

  Toolbox containing research notes & PoC code for weaponizing .NET's DLR

  Language:PowerShell513114

• x1trap/websec-answers

  Websec interview questions by tib3rius answered

  29827

• reddelexc/hackerone-reports

  Top disclosed reports from HackerOne

  Language:Python3.7k693

• S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet

  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

  5.4k1.2k

• klezVirus/vortex

  VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

  Language:Python41950

• ustayready/fireprox

  AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

  Language:Python1.9k264

• indianajson/can-i-take-over-dns

  "Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

  95988

• trufflesecurity/xsshunter

  Language:SCSS33294

• API-Security/APIKit

  APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

  Language:Java1.9k166

• nemesida-waf/waf-bypass

  Check your WAF before an attacker does

  Language:Python1.2k159

• jpillora/chisel

  A fast TCP/UDP tunnel over HTTP

  Language:Go12.7k1.3k

• hashcat/hashcat

  World's fastest and most advanced password recovery utility

  Language:C20.9k2.9k

• ostif-org/OSTIF

  Security Work and Manual Reviews facilitated by Open Source Technology Improvement Fund, aka OSTIF

  283

• Legit-Labs/legitify

  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets

  Language:Go75862

• jmdx/TLS-poison

  Language:Rust68475

• aquasecurity/trivy

  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

  Language:Go22.9k2.3k

• darkoperator/dnsrecon

  DNS Enumeration Script

  Language:Python2.6k530

• sherlock-project/sherlock

  Hunt down social media accounts by username across social networks

  Language:Python58.2k6.7k

• WebBreacher/WhatsMyName

  This repository has the JSON file required to perform user enumeration on various websites.

  1.6k278

• Lissy93/personal-security-checklist

  🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

  Language:TypeScript16.7k1.2k

• gitleaks/gitleaks

  Protect and discover secrets using Gitleaks 🔑

  Language:Go17.4k1.4k